Vigil@nce - RuggedCom ROS: denial of service via HTTP
April 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send HTTP queries to RuggedCom ROS, in order to
trigger a denial of service.
Impacted products: RuggedSwitch
Severity: 2/4
Creation date: 28/03/2014
DESCRIPTION OF THE VULNERABILITY
The RuggedCom ROS product offers an administration web service.
However, an attacker can send special HTTP queries to this
service, in order to stop it. Technical details are unknown.
An attacker can therefore send HTTP queries to RuggedCom ROS, in
order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/RuggedCom-ROS-denial-of-service-via-HTTP-14493