Nokia's IP440 integrated Firewall-1/IDS contains a flaw that may allow a remote denial of service. By sending a malformed URL consisting of a very large number of characters ( 6000+ characters) to the Voyager web-based management interface of a Nokia platform, a remote attacker can overflow a buffer and cause segatement fault. This flaw pontentially allows arbitrary code execution and will result in loss of confidentiality, integrity and availability.
Upgrade IP440 IPSO (Nokia's OS) to version 3.3 or higher, as it has been reported to fix this vulnerability. The workarounds provided by Ed Ingber are also available.