The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Avaya Ethernet Routing Switch: denial of service via NanoSSH

Synthesis of the vulnerability 

An attacker can connect to the NanoSSH service of Avaya Ethernet Routing Switch, in order to trigger a denial of service.
Impacted products: Avaya Ethernet Routing Switch.
Severity of this bulletin: 2/4.
Creation date: 18/07/2013.
References of this threat: 2116, VIGILANCE-VUL-13143.

Description of the vulnerability 

The Avaya Ethernet Routing Switch product uses the SSH Mocana NanoSSH server.

When an SSH client connects to the server, it sends the SSH KEXINIT packet, which contains the list of supported MAC algorithms (hmac-md5, hmac-sha1, etc.). However, if this list is too large, the NanoSSH service stops.

The origin of this vulnerability could be a buffer overflow.

An attacker can therefore connect to the NanoSSH service of Avaya Ethernet Routing Switch, in order to trigger a denial of service.
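
Added example (not code from this bulletin, Avaya or Mocana): a defensive parser for the KEXINIT payload layout of RFC 4253 section 7.1 that bounds-checks every name-list, including the two MAC algorithm lists, and reports lists larger than a policy limit. The 512-byte limit, the function names and the constructed sample payload are assumptions; the bulletin gives no size threshold.

```python
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of a KEXINIT payload, in wire order (RFC 4253, 7.1)
FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server",
    "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server",
    "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)
MAX_LIST_BYTES = 512  # assumed policy limit, not a value from the bulletin


def audit_kexinit(payload, max_list_bytes=MAX_LIST_BYTES):
    """Parse one KEXINIT payload; return (lists, findings)."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    offset, lists, findings = 17, {}, []  # skip type byte and 16-byte cookie
    for name in FIELDS:
        if offset + 4 > len(payload):
            raise ValueError(f"truncated before {name}")
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        # Validate the declared length against the bytes actually received
        # before reading or copying any list data.
        if length > len(payload) - offset:
            raise ValueError(f"{name}: declared length {length} exceeds payload")
        raw = payload[offset:offset + length]
        offset += length
        lists[name] = raw.decode("ascii", "replace").split(",") if raw else []
        if length > max_list_bytes:
            findings.append(f"{name}: {length} bytes exceeds limit {max_list_bytes}")
    return lists, findings


def _sample(mac_names):
    """Build a constructed KEXINIT payload for testing the auditor."""
    def nl(names):
        data = ",".join(names).encode("ascii")
        return struct.pack(">I", len(data)) + data
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # all-zero cookie (constructed)
    body += nl(["diffie-hellman-group14-sha1"]) + nl(["ssh-rsa"])
    body += nl(["aes128-ctr"]) * 2 + nl(mac_names) * 2
    body += nl(["none"]) * 2 + nl([]) * 2
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_follows, reserved


NORMAL = _sample(["hmac-md5", "hmac-sha1"])
```

A monitoring tap or SSH proxy in front of the switch could apply the same check to client KEXINIT packets and log or drop connections whose lists exceed the local limit.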

This computer vulnerability note impacts software or systems such as Avaya Ethernet Routing Switch.

Our Vigil@nce team determined that the severity of this vulnerability announcement is medium.

The trust level is multiple sources, and the origin is an intranet client.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level ability can exploit the vulnerability described in this announcement.

Solutions for this threat 

Avaya Ethernet Routing Switch: workaround for NanoSSH.
A workaround is to filter access to the NanoSSH service.
