SB2014122501 - Multiple vulnerabilities in Allegro RomPager

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Authentication bypass (CVE-ID: CVE-2014-9222)

The vulnerability allows a remote attacker to bypass authentication mechanisms.

The vulnerability exists due to a design error when handling cookies. A remote unauthenticated attacker can send specially crafted cookie, bypass authentication mechanisms and gain complete control over the affected device. This exploitation technique is known as "Misfortune Cookie".

Successful exploitation of this vulnerability may allow a remote attacker to gain complete control over the vulnerable device.

2) Multiple buffer overflows (CVE-ID: CVE-2014-9223)

The vulnerabilities allow a remote attacker to execute arbitrary code on the target system.

The vulnerabilities exist due to a boundary error when handling user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable web server, trigger buffer overflow and cause a denial of service condition or execute arbitrary code on the target system.

Successful exploitation of this vulnerability will result in compromise of the affected system.

Remediation

Install update from vendor's website.

References

• https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-le...
• http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-407666.htm