Allegro RomPager 异常URL请求拒绝服务攻击
发布日期:2000-06-06
更新日期:2000-06-06
受影响系统:Allegro RomPager 2.10
描述:
Allegro's RomPager 是一个嵌入式WEB服务产品,更多地用于提供对网络打印机、交
换机以及其他网络设备的WWW管理能力。如果提交一个经特殊设计的异常请求,它可
能会崩溃,常常连带致使所管理的设备出现问题,此时网络设备甚至整个网络处于不
可用状态。远程攻击者需要的仅仅是一个浏览器。2.10以外的其他版本也可能受此攻
击。
下面是已知使用Allegro RomPager的部分厂商产品列表:
3Com:
TotalSwitch LAN switching hubs
LANLinker Dual Analog Router
Acacia Networks:
NovaSwitch Ethernet switches.
APC:
UPS products with web management
Andover Controls Corporation:
Infinity automated building controls
Bizfon:
Bizfon 680 Multifunction communications server
D-Link Systems:
DES-3225G 24-port 10/100Mbps Ethernet switch.
DES-3224+
EdgePoint Networks:
EdgeStar
EdgeStack
EdgeSwitch
Extreme Networks:
Summit Gigabit Switch
Foundry Networks:
BigIron Switching Routers,
FastIron Switches
NetIron Core Routers.
(possibly entire product line)
Interspeed:
System 1000 and 500 Central Office ADSL routers
LANart Corporation:
Segway Adaptive Microsegmentable Ethernet Hub
Netopia Communications:
Netopia ISDN router products
NETsilicon, Inc.:
NET+ARM product family
Net To Net Technologies:
IP DSL Access Multiplexer 12000
Network Peripherals:
NuSwitch Ethernet switches and hubs
Northern Telecom:
Accelar Gigabit Ethernet
Osicom:
NETPrint 1000 print server
various Ethernet switch products
Proxim:
RangeLAN2
QMS:
various networked printers
Xerox:
DocuPrint laser printers
建议:
暂时考虑用防火墙限制访问那些易受攻击的网络设备的WWW端口
浏览次数:6657
严重程度:0(网友投票)