Hi,
Thanks for reporting, Le me have a look.
Thanks,
Antu Sanadi
On Thursday 02 March 2017 08:55 PM, Reindl Harald wrote:
well, i honestly doubt that on our reverse-proxy something is
listening on UDP ports at all..............
___________________________________
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
20065/traffic_manag
tcp 0 0 127.0.0.1:8083 0.0.0.0:* LISTEN
20065/traffic_manag
tcp 0 0 127.0.0.1:8084 0.0.0.0:* LISTEN
20072/traffic_serve
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 811/dnsmasq
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
20065/traffic_manag
tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN 17385/sshd
udp 0 0 127.0.0.1:53 0.0.0.0:* 811/dnsmasq
___________________________________
Hillstone Software TFTP Write/Read Request Server Denial Of Service
Vulnerability WillNotFix
5.0 (Mittel)
99% 10.0.0.4 69/udp
Notiz hinzufügen
Übersteuerung hinzufügen
Zusammenfassung
This host is running Hillstone Software TFTP Server and is prone to
denial of service vulnerability.
Ergebnis zur Schwachstellenerkennung
Schwachstelle wurde gemäß der Methode zur Schwachstellenerkennung
erkannt.
Auswirkungen
Successful exploitation will allow attacker to crash the server
process, resulting in a denial-of-service condition.
Impact Level: Application
Lösung
Art der Lösung: WillNotFix WillNotFix
No solution or patch was made available for at least one year since
disclosure of this vulnerability. Likely none will be provided
anymore. General solution options are to upgrade to a newer release,
disable respective features, remove the product or replace the product
by another one.
Betroffene Software/OS
Hillstone Software HS TFTP version 1.3.2
Schwachstellen-Einblick
The flaw is caused by an error when processing TFTP write and read
requests, which can be exploited to crash the server via a specially
crafted request sent to UDP port 69.
Methode zur Schwachstellenerkennung
Details: Hillstone Software TFTP Write/Read Request Server Denial Of
Service Vulnerabili... (OID: 1.3.6.1.4.1.25623.1.0.802406)
Benutzte Version: $Revision: 3117 $
Verweise
CVE: CVE-2011-4720
BID: 50886
Andere: http://secpod.org/blog/?p=419
http://packetstormsecurity.org/files/107468/hillstone-dos.txt
http://secpod.org/advisories/SecPod_Hillstone_Software_HS_TFTP_Server_DoS.txt
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss