|
Family: Gain a shell remotely --> Category: attack
BayTech RPC3 Telnet Daemon Authentication Bypass Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for authentication bypass vulnerability in BayTech RPC3 Telnet daemon
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote TELNET server is affected by an authentication bypass flaw.
Description :
The remote host is running a version of Bay Technical Associates RPC3
TELNET Daemon that lets a user bypass authentication by sending a
special set of keystrokes at the username prompt. Since BayTech RPC3
devices provide remote power management, this vulnerability enables an
attacker to cause a denial of service, shut down the device itself as
well as any connected devices.
See also :
http://marc.theaimsgroup.com/?l=bugtraq&m=111230568025271&w=2
Solution :
None at this time. Filter incoming traffic to port 23 on this device.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|