Dreambox DM500 Web Interface Denial of Service Vulnerability


Description   A vulnerability has been identified in Dreambox DM500, which could be exploited by remote attackers to cause a denial of service. This issue is caused by an error in the web interface when processing malformed or overly long requests, which could allow remote attackers to create a denial of service condition.
     
Vulnerable Products   Vulnerable Software:
Dreambox DM500
     
Solution  
     
CVE   CVE-2008-3936
     
References   http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3807
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Possible buffer overflow on URL
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2008-09-02 

 Target Type 
Server 

 Possible exploit 
Local & Remote