Cayman gateways vulnerable to a denial of service via oversized ICMP echo (ping) requests.

Overview Cayman gateways vulnerable to a denial of service via oversized ICMP echo ping requests. Installing the newest version of the vendor software will resolve this vulnerability. Description Cayman gateways running versions 5.5 Build R0, 5.3 Build R2, 5.3 Build R1 are vulnerable to an...

Cayman gateways ship with null administrative and user level passwords

Overview Cayman gateways ship without a default password on the admin and user accounts. As long as the gateway is not addressable via the WAN, this can only be accessed and set by anyone on the LAN side. With admin access, the gateway settings can be configured by an intruder. Description Cayman...

Cayman gateways are vulnerable to a denial of service via a portscan

Overview Cayman gateways are vulnerable to a denial of service. An attacker can send a number of TCP connect requests or SYN packets, in conjunction with a "Bouncing" vulnerability, and can cause a denial of service to the gateway. Description The gateway will crash after receiving a number of TC...

Cayman gateways are vulnerable to a denial of sevices via a long username or password

Overview Cayman gateways are vulnerable to a denial of service via the entry of a long username or password sent to the HTTP interface. Description Cayman gateways automatically restart upon the entry of a large79+ chars username or password to the HTTP interface. The log will show "restart not i...