JVN#22440986
Multiple Allied Telesis products vulnerable to buffer overflow
Overview
Multiple products provided by Allied Telesis Group contain a buffer overflow vulnerability.
Products Affected
The following products with the firmware version 2.9.1-20 and earlier are affected.
Routers
- CentreCOM AR300 v2 (End of Support)
- CentreCOM AR300L v2 (End of Support)
- CentreCOM AR320 (End of Support)
- CentreCOM AR410(S) v2 (End of Support)
- CentreCOM AR720(S) (End of Support)
- CentreCOM AR740(S) (End of Support)
- CentreCOM AR450S (End of Support)
- CentreCOM AR415S
- CentreCOM AR550S
- CentreCOM AR560S
- CentreCOM AR570S
- AR440S
- AR441S
- AR442S
- AR745
- AR750S
- AR750S-DP
- CentreCOM 8700XL Series (End of Support)
- CentreCOM 9812T Series (End of Support)
- CentreCOM 9816GB Series (End of Support)
- CentreCOM 9924Ts Series (End of Support)
- CentreCOM 9924T/4SP Series (End of Support)
- CentreCOM 9924SP (End of Support)
- CentreCOM 8700SL Series
- CentreCOM 8948XL Series
- CentreCOM 8724SLv2
- SwitchBlade4000
- AT-8624T/2M
- AT-8648T/2SP
- AT-8624POE
- AT-8848
- AT-9924T
- Rapier 48i
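An inventory check for the affected range above, as an added example (not part of the advisory or any vendor tooling): it flags listed models running firmware 2.9.1-20 or earlier. The version format MAJOR.MINOR.PATCH[-BUILD], the reading of "(S)" as an optional suffix, and the sample inventory rows are assumptions.

```python
import re

LAST_AFFECTED = (2, 9, 1, 20)  # advisory: firmware 2.9.1-20 and earlier

LISTED = (  # advisory's product list, "CentreCOM"/"Series" omitted
    "AR300 v2", "AR300L v2", "AR320", "AR410(S) v2", "AR720(S)", "AR740(S)",
    "AR450S", "AR415S", "AR550S", "AR560S", "AR570S", "AR440S", "AR441S",
    "AR442S", "AR745", "AR750S", "AR750S-DP", "8700XL", "9812T", "9816GB",
    "9924Ts", "9924T/4SP", "9924SP", "8700SL", "8948XL", "8724SLv2",
    "SwitchBlade4000", "AT-8624T/2M", "AT-8648T/2SP", "AT-8624POE",
    "AT-8848", "AT-9924T", "Rapier 48i",
)

def normalize_model(model):
    """Drop the CentreCOM prefix and Series suffix, fold case and spacing."""
    m = re.sub(r"(?i)^\s*centrecom\s+|\s+series\s*$", "", model)
    return " ".join(m.split()).lower()

# Assumption: "(S)" in a listed name covers the variants with and without "S".
AFFECTED_MODELS = {normalize_model(n.replace("(S)", s))
                   for n in LISTED for s in ("", "S")}

def parse_version(text):
    """Assumed format MAJOR.MINOR.PATCH[-BUILD]; returns int tuple or None."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)(?:-(\d+))?\s*", text)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def triage(model, firmware):
    if normalize_model(model) not in AFFECTED_MODELS:
        return "not-listed"
    version = parse_version(firmware)
    if version is None:
        return "check-manually"  # listed model, unreadable version: fail safe
    return "affected" if version <= LAST_AFFECTED else "newer"

INVENTORY = [  # constructed sample rows: (hostname, model, firmware)
    ("edge-rt-01", "CentreCOM AR415S", "2.9.1-20"),
    ("edge-rt-02", "AR750S", "2.9.2-07"),
    ("core-sw-01", "centrecom 8948XL Series", "2.9.1-13"),
    ("lab-rt-03", "AR410S v2", "unknown"),
    ("dist-sw-02", "EXAMPLE-OTHER-SWITCH", "2.9.1-10"),
]

def report(rows):
    return {host: triage(model, fw) for host, model, fw in rows}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

A "newer" result only means the version is outside the affected range stated here; the advisory does not name a fixed release, so confirm against the vendor's information.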
Description
AR Router Series and Alliedware switches provided by Allied Telesis Group contain a buffer overflow vulnerability (CWE-788) due to a flaw when processing a POST method.
Impact
Arbitrary code may be executed when processing a specially crafted HTTP request.
Solution
Update the Firmware
Update to the latest version according to the information provided by the developer.
Apply a workaround
The following workarounds may mitigate the effects of this vulnerability.
- Disable HTTP services (use the command "DISABLE HTTP SERVER")
- Restrict HTTP access
Vendor Status
Vendor | Status | Last Update | Vendor Notes |
---|---|---|---|
Allied Telesis Group | Vulnerable | 2014/12/18 | Allied Telesis Group website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2014.12.18 (CVSS Base Metrics)
Measures | Severity | | | Description |
---|---|---|---|---|
Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) | A vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access. Such a vulnerability is often termed "remotely exploitable". |
Access Complexity(AC) | High (H) | Medium (M) | Low (L) | Specialized access conditions or extenuating circumstances do not exist. |
Authentication(Au) | Multiple (M) | Single (S) | None (N) | Authentication is not required to exploit the vulnerability. |
Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) | There is total information disclosure, resulting in all system files being revealed. |
Integrity Impact(I) | None (N) | Partial (P) | Complete (C) | There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised. |
Availability Impact(A) | None (N) | Partial (P) | Complete (C) | There is a total shutdown of the affected resource. |
Base Score: 10.0
Credit
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2014-7249 |
JVN iPedia | JVNDB-2014-000132 |
Update History
- 2015/01/27: Information under the section "Products Affected" was updated.