Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - Denial of Service

EDB-ID:

19513




Platform:

Hardware

Date:

1999-09-27


source: https://www.securityfocus.com/bid/665/info

A vulnerability in the Diva LAN ISDN Modem allows remote malicious users to lock up the modem requiring a hard reset.

The vulnerability manifests itself when a remote users connects to the Diva HTTP port and sends a GET request of the form 'login.html?password=<very long string>'.

Enter the URL 'http://diva/login.htm?password=0123456789012345678901234567890123456789' into your browser, where 'diva' is the IP address of the modem.