Nokia IP440 Remote Denial of Service Vulnerability
Excerpted from advisory (Ed Ingber <ingber@IPRG.nokia.com>) posted on Mon, 4 Dec 2000:
This low-priority vulnerability will be fixed in the next scheduled release of IPSO (Nokia's OS)
1. Do not allow Voyager access from untrusted networks (e.g. the Internet).
2. Use good generally accepted practice regarding password selection and confidentiality (as always).
3. Consider disabling monitor (read-only administrator) access.
4. Use the provided SSH with port redirection (IPSO 3.2.1 and earlier) or embedded SSL (IPSO 3.3 and later) to encrypt http traffic to Voyager to prevent an attacker from eavesdropping to hear the password.