APP: Nokia IPSO File Access
This signature detects attempts to exploit a known vulnerability in "Voyager", a Web GUI included with Nokia IP-boxes. IPSO 3.6-FCS6 and other versions are vulnerable. Attackers can use Voyager to instruct a CGI script to view the contents of arbitrary files on the system.
Extended Description
It has been reported that Nokia IPSO does not properly handle some types of requests through Voyager. Because of this, an attacker with access to the interface may be able to view potentially sensitive information.
Affected Products
Nokia ipso
References
BugTraq: 7426
URL: http://www.securityfocus.com/archive/1/319599/30/0/threaded http://www.xatrix.org/article.php?s=3265
Short Name
APP:IPSO-FILE-VIEW
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Access File IPSO Nokia bid:7426
Release Date
07/02/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nokia