OSVDB ID: 9962

Title: ZyXEL Prestige 681 ARP Request Packet Information Disclosure

Info

Disclosure

Sep 13, 2004

Discovery

Unknown

Dates

Exploit

Sep 13, 2004

Solution

Unknown

Description

Some ZyXEL Prestige devices contains a flaw that may lead to an unauthorized information disclosure.  ARP requests emitted by device could contain random parts of the memory (especially parts of recent telnet sessions) , which will disclose sensitive information to an attacker able to sniff the local network resulting in a loss of confidentiality.

Classification

Location: Remote / Network Access
Impact: Loss of Confidentiality
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

ZyXEL Communications Corp.

ZyNOS

Vt020225a

Prestige 681

Unknown or Unspecified

References

Credit

  • Przemyslaw Frasunek - venglinfreebsd.lublin.pl - Przemyslaw Frasunek


Direct URL: http://osvdb.org/9962