Secunia Security Advisory - Arif Jatmoko has reported two vulnerabilities in various NetPerformer products, which can be exploited by malicious people to cause a DoS (Denial of Service).
----------------------------------------------------------------------
TITLE:
NetPerformer Products Denial of Service Vulnerabilities
SECUNIA ADVISORY ID:
SA21876
VERIFY ADVISORY:
http://secunia.com/advisories/21876/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
OPERATING SYSTEM:
NetPerformer SDM-9500
http://secunia.com/product/11942/
NetPerformer SDM-9380
http://secunia.com/product/11941/
NetPerformer SDM-9230
http://secunia.com/product/11940/
NetPerformer SDM-9220
http://secunia.com/product/11943/
DESCRIPTION:
Arif Jatmoko has reported two vulnerabilities in various NetPerformer
products, which can be exploited by malicious people to cause a DoS
(Denial of Service).
1) An error in the login handling in the telnet service can be
exploited to crash and reboot a vulnerable device by sending an
overly long username (more than 4550 characters).
2) An error in the handling of ICMP packets can be exploited to hang
a vulnerable device by sending a spoofed ICMP packet to the device
via a LAND attack where the source address is the same as the device
address.
The vulnerabilities have been reported in the following products:
* NetPerformer SDM-95xx version 7.x (R1)
* NetPerformer SDM-93xx version 10.x (R2)
* NetPerformer SDM-92xx version 9.x (R1)
SOLUTION:
Filter traffic to the telnet service and filter ICMP packets to the
device where the source address is the same as the destination
address.
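The filtering described above, sketched as an added example (not part of the Secunia advisory or any vendor tooling) that classifies raw IPv4 packets the way an upstream filter in front of the device would. The device address, the management subnet and the choice to allow telnet only from that subnet are assumptions, and the sample packets are constructed in memory.

```python
import ipaddress
import struct

# Assumed values, not from the advisory: documentation-range addresses.
DEVICE = ipaddress.ip_address("192.0.2.10")         # device being protected
MGMT_NET = ipaddress.ip_network("198.51.100.0/24")  # hosts allowed to use telnet
ICMP, TCP, TELNET_PORT = 1, 6, 23

def verdict(packet: bytes) -> str:
    """Return 'drop' or 'pass' for one raw IPv4 packet seen by the filter."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "drop"                      # not a usable IPv4 header
    ihl = (packet[0] & 0x0F) * 4           # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "drop"
    proto = packet[9]
    src = ipaddress.ip_address(packet[12:16])
    dst = ipaddress.ip_address(packet[16:20])
    if dst != DEVICE:
        return "pass"                      # policy only covers traffic to the device
    # Issue 2: ICMP whose source address equals the destination address.
    if proto == ICMP and src == dst:
        return "drop"
    # Issue 1: keep the telnet login prompt away from untrusted sources.
    if proto == TCP:
        if len(packet) < ihl + 4:
            return "drop"                  # truncated TCP header, ports unreadable
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        if dport == TELNET_PORT and src not in MGMT_NET:
            return "drop"
    return "pass"

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet for the constructed samples (checksum left 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return hdr + payload

def classify_samples() -> dict:
    """Run the policy over four constructed packets and return the verdicts."""
    echo = struct.pack("!BBHHH", 8, 0, 0, 1, 1)                        # ICMP echo request
    syn = struct.pack("!HHIIBBHHH", 40000, 23, 0, 0, 0x50, 0x02, 1024, 0, 0)  # TCP SYN to port 23
    samples = {
        "icmp_src_equals_dst": ipv4("192.0.2.10", "192.0.2.10", ICMP, echo),
        "icmp_normal": ipv4("203.0.113.5", "192.0.2.10", ICMP, echo),
        "telnet_outside": ipv4("203.0.113.5", "192.0.2.10", TCP, syn),
        "telnet_mgmt": ipv4("198.51.100.7", "192.0.2.10", TCP, syn),
    }
    return {name: verdict(pkt) for name, pkt in samples.items()}
```
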
PROVIDED AND/OR DISCOVERED BY:
Arif Jatmoko
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049434.html