Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
BID:12955
Info
Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
| Bugtraq ID: | 12955 |
| Class: | Design Error |
| CVE: |
CVE-2005-0957 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 31 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | Discovery is credited to nolimit bugtraq <[email protected]>. |
| Vulnerable: |
Bay Technical Associates RPC3 Telnet F 3.05 |
| Not Vulnerable: |
Bay Technical Associates RPC3 Telnet F5.10.4 |
Discussion
Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
It is reported that the telnet daemon used by the device is affected by an authentication bypass vulnerability.
A successful attack can allow an attacker to carry out a denial of service attack against a machine using the power supply by shutting down the device.
RPC3 Telnet version F 3.05 is reported vulnerable. It is believed that the telnet daemon is shipped with most RPC-3 devices.
It is reported that RPC3 Telnet Revision F5.10.4 is not affected by this issue.
The affected packages will be updated when more information becomes available.
It is reported that the telnet daemon used by the device is affected by an authentication bypass vulnerability.
A successful attack can allow an attacker to carry out a denial of service attack against a machine using the power supply by shutting down the device.
RPC3 Telnet version F 3.05 is reported vulnerable. It is believed that the telnet daemon is shipped with most RPC-3 devices.
It is reported that RPC3 Telnet Revision F5.10.4 is not affected by this issue.
The affected packages will be updated when more information becomes available.
Exploit / POC
Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Bay Technical Associates RPC3 Telnet Daemon Authentication Bypass Vulnerability
References:
References:
- Home Page (Bay Techical Associates)
- Bay Technical Associates telnet server logon bypass (nolimit bugtraq