Vulnerability Development mailing list archives
Phenoelit Advisory 0815 ++ // Xedia
From: kim0 <kim0 () phenoelit de>
Date: Sat, 27 Jul 2002 12:10:43 +0200
-- kim0 <kim0 () phenoelit de> Phenoelit (http://www.phenoelit.de) 90C0 969C EC71 01DC 36A0 FBEF 2D72 33C0 77FC CD42
Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 +++> [ Authors ] FX <fx () phenoelit de> kim0 <kim0 () phenoelit de> Phenoelit Group (http://www.phenoelit.de) Advisory http://www.phenoelit.de/stuff/Lucent_Xedia.txt [ Affected Products ] Lucent Access Point IP Services Router (Formerly known as Xedia Router) Lucent Bug ID: Not assigned CERT Vulnerability ID: 682275 [ Vendor communication ] 06/28/02 Reply to inquiry regarding "who to notify" 06/29/02 Initial Notification, Xedia team *Note-Initital notification by phenoelit includes a cc to cert () cert org by default 07/01/02 Human confirmation form Lucent of receipt 07/01/02 Human confirmation from CERT and correspondence from CERT 07/06/02 Weekly follow-up by central POC at Lucent (Right on Time) 07/08/02 Follow Up 07/19/02 Notification of intent to post publically in apx. 7 days. [ Overview ] The Lucent Access Point Router is a mid-range Access Level Router that supports a wide range of cool features such as CBQ (QoS stuff). [ Description ] The Lucent Access Point has a web server providing a colorful interface to use for configuration. This interface is apparently for those people who don't like the extremley powerful command-line. When sending an HTTP GET request with approximately 4000 characters in the URI to the server, the Access Point reboots. [ Example ] linux# wget `perl -e 'print "http://router_ip/"; print "A"x4000; print "/";` router# [b00m] [ Solution ] None known at this time. [ end of file ]
Current thread:
- Phenoelit Advisory 0815 ++ // Xedia kim0 (Jul 27)