[NEWS] Multiple Looking-Glass Input Vulnerabilities
From: support@securiteam.comDate: 10/23/01
- Previous message: support@securiteam.com: "[UNIX] Flaws Found in Recent Linux Kernels (newgrp, symblinks)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Subject: [NEWS] Multiple Looking-Glass Input Vulnerabilities Message-Id: <20011022220943.99E39138C9@mail.der-keiler.de> Date: Tue, 23 Oct 2001 00:09:43 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Multiple Looking-Glass Input Vulnerabilities
------------------------------------------------------------------------
SUMMARY
There is a flaw in many looking-glasses (most of them based on the
nitrous-digex one) that allows attackers to gather information about the
network that was not intentionally provided. This happens because the
looking-glass (which is written in Perl) doesn't check the input properly
for the validity of the input address.
DETAILS
Example:
When clicking bgp, to check an address in the bgp table, the attacker can
enter, instead of an ip address, the word "nei"(or neighbors) and all bgp
neighbors will be fully visible. In fact, any valid argument in Cisco IOS
following 'sh ip bgp' can be entered.
Another example:
<sh ip bgp> paths gives the full path table. This puts some strain on
routers and could be used to DoS the router if no proper access security
is provided. Various other things can be done
Workaround:
Check for a "." in the input.
ADDITIONAL INFORMATION
The information has been provided by <mailto:barabas@lokmail.net>
barabas.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[UNIX] Flaws Found in Recent Linux Kernels (newgrp, symblinks)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [NEWS] Cisco IOS Misformed BGP Packet Causes Reload
... Get your security news from a reliable source. ... A Cisco device running
IOS and enabled for the Border Gateway Protocol ... BGP packet. ... This vulnerability
is present in any unfixed version of Cisco IOS, ... (Securiteam) - [NEWS] Cisco IOS Malformed BGP Packet Causes DoS
... Get your security news from a reliable source. ... A Cisco device running
IOS and enabled for the Border Gateway Protocol ... BGP packet. ... A router
which is running the BGP process will have a line in the config ... (Securiteam) - [NEWS] SalesCart Database Storage Insecurity
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... struct sockaddr_in
sin; ... In no event shall we be liable for any damages whatsoever including direct, indirect,
incidental, consequential, loss of business profits or special damages. ... (Securiteam) - [NT] Keene Digital Media Server Directory Traversal
... Get your security news from a reliable source. ... Keene Digital Media Server
is "an easy and ... A directory traversal is possible on the DMS due to a problem in the
way ... In no event shall we be liable for any damages whatsoever including direct, indirect,
incidental, consequential, loss of business profits or special damages. ... (Securiteam) - [TOOL] OS SIM - Security Infrastructure Monitor
... Get your security news from a reliable source. ... Infrastructure Monitor)
able to integrate, ... level and low level security and network events which is able to
compete ... In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special damages. ... (Securiteam)
