2 updated signatures:
HIGH | MS-RPC:DCE-RPC-ADVANTECH-RCE | MS-RPC: Advantech Webaccess webvrpcs Directory Traversal Remote Code Execution |
MEDIUM | SSL:RED-HAT-DIR-SERVER-DOS | SSL: Red Hat 389 Directory Server TLS Resource Exhaustion Denial Of Service |
This signature detects attempt to exploit a directory traversal and remote code execution vulnerability exists in Advantech WebAccess software. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the remote service. Successful exploitation could lead to remote code execution on the target server with privileges of the application process.
idp-5.1.110161014, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.110121210, srx-12.1, srx-branch-12.1, idp-5.0.110130325, vsrx-12.1, vsrx-15.1
A denial-of-service vulnerability has been reported in 389 Directory Server. The vulnerability is due to improper processing of LDAP requests over TLS, leading to a potential starvation of threads in the worker pool. A remote, unauthenticated attacker could exploit this vulnerability by sending a large number of LDAP requests over TLS to a vulnerable server. Successful exploitation of the vulnerability could result in all the worker threads being blocked, and the server being unable to serve requests over TLS, leading to a denial-of-service condition.
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1