Planet VC-200M VDSL2 Router Administration Interface Remote Denial Of Service Vulnerability

Bugtraq ID:	25390
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-4477
Remote:	Yes
Local:	No
Published:	Aug 21 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Dmitry Zubov is credited with the discovery of this issue.
Vulnerable:	Planet Technology VC-200M VDSL2 Router 0
Not Vulnerable:

Planet VC-200M VDSL2 Router Administration Interface Remote Denial Of Service Vulnerability

The Planet VC-200M VDSL2 Router is prone to a remote denial-of-service vulnerability because it fails to handle malicious HTTP requests.

Attackers can exploit this issue to deny legitimate access to the device's administration interface.

The Planet VC-200M VDSL2 Router is vulnerable; other devices may also be affected.

Planet VC-200M VDSL2 Router Administration Interface Remote Denial Of Service Vulnerability

Attackers can exploit this issue by submitting an HTTP request that does not include a 'Host:' header.

Planet VC-200M VDSL2 Router Administration Interface Remote Denial Of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Planet VC-200M VDSL2 Router Administration Interface Remote Denial Of Service Vulnerability

References:

• Planet Technology Homepage (Planet Technology)
  
• Vulnerabilities digest (3APA3A)