Title: 602Pro Lan Suite Long HTTP Request Denial of Service Vulnerability
Severity: MODERATE
Description:
A denial of service vulnerability exists in versions of Lansuite.
A remote attacker may connect to port 80 of the vulnerable host. Via this connection, the attacker submits a long request composed of at least 1033 characters. This excess input causes an overflows of the server's input buffer and crashes Lansuite.exe and all applicable services
A common potential outcome of this type of vulnerability is that an attacker may be able to insert arbitrary shellcode into the long HTTP request which, if properly composed, could execute with the privilege level of the webserver process.
Affected Products:
- Software602 602Pro LAN SUITE 2000a 2000.0.1.32
- Software602 602Pro LAN SUITE 2000a 2000.0.1.33
- Software602 602Pro LAN SUITE 2000a 2000.0.1.34
- Software602 602Pro LAN SUITE 2000a 2000.0.1.35
References:
- Software602: 602Pro Lan Suite Product Information Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
