发布时间 :2000-03-30 00:00:00
修订时间 :2008-09-10 15:03:07

[原文]Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.

[CNNVD]Novell Border Manager 审查跟踪代理的拒绝服务漏洞(CNNVD-200003-053)

        Novell BorderManager 3.5存在漏洞,远程攻击者可以通过在2000端口的telnet连接中键入enter键促发拒绝服务。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:novell:bordermanager:3.5Novell BorderManager 3.5
cpe:/a:novell:bordermanager:3.0Novell BorderManager 3.0

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源

- 漏洞信息

Novell Border Manager 审查跟踪代理的拒绝服务漏洞
中危 设计错误
2000-03-30 00:00:00 2005-05-02 00:00:00
        Novell BorderManager 3.5存在漏洞,远程攻击者可以通过在2000端口的telnet连接中键入enter键促发拒绝服务。

- 公告与补丁

        Novell has released a patch which limits the memory csatpxy.nlm uses to 100k/session. It is available at:

- 漏洞信息 (19746)

Novell BorderManager 3.0/3.5 Audit Trail Proxy DoS Vulnerability (EDBID:19746)
novell dos
2000-02-04 Verified
0 Chicken Man
N/A [点击下载]

A feature called the CS Audit Trail Proxy is installed by default with BorederManager 3.0 and 3.5 .This feature opens a listening port at port 2000, on both the internal and external interfaces. If a connection is made to this port and the 'enter' key hit a few times, the server will start experincing memory allocation problems. Eventually the server will have to be rebooted to restore normal functionality.

The CS Audit Trail Proxy is handled by CSATPRX.NLM

telnet target:2000

- 漏洞信息

Novell BorderManager Port 2000 Telnet DoS
Remote / Network Access Denial of Service
Loss of Availability Workaround, Upgrade
Exploit Public Third-party Verified

- 漏洞描述

BorderManager contains a flaw that may allow a remote denial of service. The issue is triggered when a telnet connection is made to port 2000 and two <enter>s are sent, and will result in loss of availability for the platform.

- 时间线

2000-02-04 Unknow
2000-02-04 Unknow

- 解决方案

Apply the upgrade as described in the vendor solution URL, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): enable packet filtering on the server and block access to port 2000.

- 相关参考

- 漏洞作者