Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - Denial of Service

Author: Bjorn Stickler
type: dos
platform: hardware
port: 
date_added: 1999-09-27  
date_updated: 2012-07-01  
verified: 1  
codes: CVE-1999-1533;OSVDB-13556  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 19513.txt  

source: https://www.securityfocus.com/bid/665/info

A vulnerability in the Diva LAN ISDN Modem allows remote malicious users to lock up the modem requiring a hard reset.

The vulnerability manifests itself when a remote users connects to the Diva HTTP port and sends a GET request of the form 'login.html?password=<very long string>'.

Enter the URL 'http://diva/login.htm?password=0123456789012345678901234567890123456789' into your browser, where 'diva' is the IP address of the modem.