{"vuid":"VU#122582","idnumber":"122582","name":"Dell PowerConnect 3348, 3524p, and 5324 switches are vulnerable to denial-of-service attacks","keywords":["Dell","DoS","powerconnect","input validation","openmanage","ssh","ospf","CWE-20","CWE-447","CVE-2013-3594","CVE-2013-3595","CVE-2013-3606"],"overview":"Dell PowerConnect 3348 version 1.2.1.3, PowerConnect 3524p version 2.0.0.48, PowerConnect 5324 version 2.0.1.4, and possibly earlier versions contain a denial-of-service (CWE-20) vulnerability. Dell OpenManage web application version 2.5 Build No. 1.19 and possibly earlier versions contain a denial-of-service (CWE-20) vulnerability. The GoAhead web server login page on these switches also contains a denial-of-service (CWE-20) vulnerability.","clean_desc":"CWE-20: Improper Input Validation\nDell PowerConnect 3348 version 1.2.1.3, PowerConnect 3524p version 2.0.0.48, and Dell PowerConnect 5324 version 2.0.1.4 crash when a large amount of data is sent to the SSH port. This allows an unauthenticated attacker to reset the switch and may lead to exploitation and execution of arbitrary code. (CVE-2013-3594)\nDell OpenManage web application version 2.5 Build No. 1.19 crashes when an undocumented URL for OSPF functionality is visited. This page is not linked from the web application but can be found in the firmware. This allows an authenticated attacker to crash and reset the switch. (CVE-2013-3595)\nThe GoAhead web server login form crashes when a username longer than 16 characters is submitted directly to the web server in a crafted HTTP POST request. An unauthenticated attacker may be able to make the switch unresponsive until the device is reset. This attack may require multiple requests. (CVE-2013-3606)\nThe CVSS score reflects the CVE-2013-3594 vulnerability.","impact":"An unauthenticated attacker may be able to crash and reset the switch, which may lead to exploitation and execution of arbitrary code (CVE-2013-3594). 
An authenticated attacker may be able to crash the OpenManage web application and reset the switch (CVE-2013-3595). An unauthenticated attacker may be able to crash the GoAhead web server login page, leaving the switch unresponsive until it is reset (CVE-2013-3606).","resolution":"We are currently unaware of a practical solution to this problem. Please consider the following workaround.","workarounds":"Restrict Access\nRestrict access to the PowerConnect management interface to trusted networks. Where possible, place management and transit traffic on separate VLANs, or restrict access to the device with appropriate firewall rules.","sysaffected":"","thanks":"Thanks to Rijnard van Tonder for reporting this vulnerability.","author":"This document was written by Adam Rauf.","public":["http://cwe.mitre.org/data/definitions/20.html","http://www.dell.com/support/drivers/us/en/04/Product/powerconnect-3348","http://www.dell.com/support/drivers/us/en/04/Product/powerconnect-3524p","http://www.dell.com/support/drivers/us/en/04/Product/powerconnect-5324"],"cveids":["CVE-2013-3594","CVE-2013-3595","CVE-2013-3606"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-06-28T14:01:22Z","publicdate":"2014-01-17T00:00:00Z","datefirstpublished":"2014-01-17T16:46:49Z","dateupdated":"2014-01-17T16:46:52Z","revision":37,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"N","cvss_integrityimpact":"N","cvss_availabilityimpact":"C","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"UC","cvss_collateraldamagepotential":"N","cvss_targetdistribution":"M"
,"cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.1","cvss_basevector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss_temporalscore":"5.8","cvss_environmentalscore":"4.3278706296","cvss_environmentalvector":"CDP:N/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}
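Detection logic for the CVE-2013-3606 trigger condition in the note above (a login POST whose username exceeds 16 characters), as an added example; this is not code from the CERT note, Dell, or GoAhead. The advisory does not name the login form's field or path, so the field name "username", the path /login.asp, the urlencoded content type, and all sample requests and IP addresses below are assumptions constructed for the example. The check measures the username after percent-decoding, so a long value hidden behind %XX escapes is still caught, and it counts hits per source address because the note says the attack may take several requests.

```python
"""Flag login POSTs whose decoded username exceeds the 16-character limit
described in VU#122582 (CVE-2013-3606).

Added example, not part of the CERT note or any Dell/GoAhead code.
Assumptions (not stated in the advisory): the login form posts
application/x-www-form-urlencoded data to /login.asp and the user-name
field is named "username"; the requests and addresses below are constructed.
"""
from collections import Counter
from urllib.parse import parse_qs

MAX_USERNAME = 16          # limit stated in the advisory
LOGIN_FIELD = "username"   # assumed form field name


def parse_http_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, path, headers, body).

    Header names are lower-cased; the body is returned as bytes so that
    percent-decoding happens exactly once, inside the form parser.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers, body


def oversized_username(raw: bytes, field: str = LOGIN_FIELD, limit: int = MAX_USERNAME):
    """Return the decoded username length if a form POST exceeds `limit`, else None.

    Length is measured after decoding so "%41" counts as one character ("A").
    Non-POST requests and non-form bodies are ignored.
    """
    method, _path, headers, body = parse_http_request(raw)
    if method != "POST":
        return None
    if not headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        return None
    form = parse_qs(body.decode("latin-1"), keep_blank_values=True)
    longest = max((len(v) for v in form.get(field, [])), default=0)
    return longest if longest > limit else None


def count_oversized_by_source(events):
    """events: iterable of (source_ip, raw_request). Returns {ip: hit_count}.

    The advisory notes the attack may need several requests, so a per-source
    count is more useful than a single alert.
    """
    hits = Counter()
    for src, raw in events:
        if oversized_username(raw) is not None:
            hits[src] += 1
    return dict(hits)


def _form_post(body: bytes) -> bytes:
    # Build a constructed login POST with the given urlencoded body.
    return (b"POST /login.asp HTTP/1.1\r\nHost: 192.0.2.10\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n\r\n" + body)


# Constructed sample traffic (not captured from a real device).
BENIGN = _form_post(b"username=admin&password=secret")
LONG = _form_post(b"username=" + b"A" * 40 + b"&password=x")
ENCODED = _form_post(b"username=" + b"%41" * 17 + b"&password=x")   # decodes to 17 x "A"
GET_ONLY = b"GET /login.asp?username=" + b"A" * 40 + b" HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"

SAMPLE_EVENTS = [
    ("198.51.100.7", LONG),
    ("198.51.100.7", ENCODED),
    ("203.0.113.5", BENIGN),
    ("203.0.113.5", GET_ONLY),
]

if __name__ == "__main__":
    for name, req in [("benign", BENIGN), ("long", LONG), ("encoded", ENCODED)]:
        print(name, oversized_username(req))
    print(count_oversized_by_source(SAMPLE_EVENTS))
```

Run against a capture from a TAP or span port on the management VLAN; a non-None result from a source that is not an administrator host is the signal to block that source with the firewall rules the workaround recommends.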