CISCO : Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.105771

Kategorie: CISCO

Titel: Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability

Zusammenfassung: A vulnerability in the web-based management interface of Cisco; RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco; RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer; overflow on a targeted system, resulting in a denial of service (DoS) condition.

Beschreibung: Summary:
A vulnerability in the web-based management interface of Cisco
RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco
RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer
overflow on a targeted system, resulting in a denial of service (DoS) condition.

Vulnerability Insight:
The vulnerability is due to improper sanitization of
user-supplied input for fields in HTTP requests that are sent when a user configures an affected
device by using the web-based management interface for the device. An attacker could exploit this
vulnerability by sending an HTTP request that contains configuration commands with a crafted
payload.

Vulnerability Impact:
A successful exploit could allow the attacker to cause a buffer
overflow on the targeted system, which could cause the device to reload unexpectedly and result
in a DoS condition.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1398
Cisco Security Advisory: 20160621 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3
http://www.securitytracker.com/id/1036115

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.105771
Kategorie:	CISCO
Titel:	Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability
Zusammenfassung:	A vulnerability in the web-based management interface of Cisco; RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco; RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer; overflow on a targeted system, resulting in a denial of service (DoS) condition.
Beschreibung:	Summary: A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to improper sanitization of user-supplied input for fields in HTTP requests that are sent when a user configures an affected device by using the web-based management interface for the device. An attacker could exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. Vulnerability Impact: A successful exploit could allow the attacker to cause a buffer overflow on the targeted system, which could cause the device to reload unexpectedly and result in a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1398 Cisco Security Advisory: 20160621 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3 http://www.securitytracker.com/id/1036115
Copyright	Copyright (C) 2016 Greenbone Networks GmbH