Nokia IP440 Remote Denial of Service Vulnerability

A vulnerability exists in Nokia's IP440 integrated Firewall-1/IDS.

If a URL is sent to the device's administration interface which contains a large number of characters it can overflow the relevant buffer and create a segmentation fault. As with any buffer overflow, this has the potential to allow arbitrary code execution, but this result has not been reported in this case.

Note that in order for this vulnerability to be exploited, the attacker must have been previously authenticated by the target system.

Regardless, this vulnerability will permit an attacker to carry out a denial of services on the affected host.


Privacy Statement
Copyright 2010, SecurityFocus