| Field | Value |
| --- | --- |
| VID | 12013 |
| Severity | 40 |
| Port | 21 |
| Protocol | TCP |
| Class | FTP |
Detailed Description:

The ftpd is vulnerable to a denial-of-service attack triggered by a long CEL command.

VxWorks is flexible, scalable, reliable, and available on all popular CPU platforms, which makes it the most widely adopted real-time operating system (RTOS) in the embedded industry. The 3Com NBX uses the VxWorks embedded real-time operating system and its own internal FTP server. Sending the following string to the FTP server on an embedded VxWorks-based system such as the 3Com NBX IP phone call manager:

`CEL aaaa[...a*2048....]aaaa`

lets a remote attacker disable not only the FTP server but also the integrated web-based administrative console and the call manager, preventing diagnostics, control, and all incoming, outgoing, or internal calls. The device does not recover without a hard reboot (power off/on). Because the 3Com NBX is based on an embedded *nix (Unix/Linux) operating system, an abrupt power-off could cause loss of data, including corruption of voice mails in progress or logs. This vulnerability affects both ftpd version 5.4 (on 3Com NBX firmware version 4_0_17) and ftpd version 5.4.2 (on NBX firmware version 4_1_4).
Recommendation:

There is no known fix; contact your vendor for a patch.

As a workaround, disable the FTP service if it is not needed, or place the vulnerable system behind its own firewall.
Related URLs:

- CVE-2002-2300 (CVE)
- 6297 (SecurityFocus)
- 10739 (ISS)
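As an added example, not part of the original record or of any vendor code: a small Python check that scans captured FTP control-channel lines and flags oversized commands, which is how a network monitor in front of the phone system could surface the long-CEL condition described above before the device has to be power-cycled. The 512-byte threshold and the sample capture are assumptions constructed for this example.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Assumed upper bound for a legitimate FTP command line on the control
# channel; the crash described above used an argument of about 2048 bytes.
MAX_COMMAND_LEN = 512

# One FTP command line is a 3-4 letter verb, optional whitespace, argument.
_VERB_RE = re.compile(rb"^([A-Za-z]{3,4})(?:[ \t]+(.*))?$", re.DOTALL)


class Oversized(NamedTuple):
    line_no: int   # 1-based position in the capture
    verb: str      # upper-cased FTP verb, e.g. "CEL"
    arg_len: int   # length of the argument in bytes


def parse_ftp_command(raw: bytes) -> Optional[Tuple[str, bytes]]:
    """Split one control-channel line into (VERB, argument bytes).

    Returns None for lines that are not well-formed commands, so that
    replies or binary noise in a capture are skipped rather than flagged.
    """
    m = _VERB_RE.match(raw.rstrip(b"\r\n"))
    if not m:
        return None
    return m.group(1).upper().decode("ascii"), m.group(2) or b""


def find_oversized(lines: List[bytes], max_len: int = MAX_COMMAND_LEN) -> List[Oversized]:
    """Return every command whose total length exceeds max_len bytes."""
    hits = []
    for n, raw in enumerate(lines, 1):
        parsed = parse_ftp_command(raw)
        if parsed is None:
            continue
        verb, arg = parsed
        if len(raw.rstrip(b"\r\n")) > max_len:
            hits.append(Oversized(n, verb, len(arg)))
    return hits


# Constructed sample control-channel capture (not taken from a real device).
SAMPLE_CAPTURE = [
    b"USER admin\r\n",
    b"PASS ********\r\n",
    b"CEL 3com\r\n",                     # normal-length CEL, not flagged
    b"CEL " + b"a" * 2048 + b"\r\n",     # the pattern from the description
    b"QUIT\r\n",
]

if __name__ == "__main__":
    for hit in find_oversized(SAMPLE_CAPTURE):
        print(f"line {hit.line_no}: {hit.verb} with {hit.arg_len}-byte argument")
```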