Title: Digex Looking Glass Perl Script Neighbor Information Gathering Vulnerability
Severity: MODERATE
Description:
Looking Glass is a Perl script distributed by Digex. It is designed to give network statistics from hosts.
A problem in the script allows users to gain sensitive information. This could lead to organized attack on network assets, and potential compromise of network resources. The problem is in the passing of special characters by the script.
Due to the insufficient validation of input, it is possible to pass special characters through the script. Special characters passed through the script could allow the querying of all hosts local to the system. This type of request could be used to discover with routers are neighbors of the router being queried.
This problem could also lead to the gathering of sensitive statistics, and other information.
Affected Products:
- Digex Looking Glass 1.0.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
