NEUROCOM: Nashuatec D445/435 vulnerabilities updated

[veille () NEUROCOM COM (gregory duchemin)]

Hi,

my last message concerning three commons vulnerabilities on Nashuatec printers model D445 is also available for the 
D435 series.

These two models of printers are vulnerables to:

1- ftp bounce attack 
2- adm web server cgi buffer overflow ( eg: reset )
3- (icmp redirect storm) denial of service attack

now a little update (about the two series):

4- By default, a "guest" account (password guest) allow everybody to authenticate himself to the telnet service. That's 
not exactly what we should call a security hole since everybody can connect to the web server with exactly the same 
priviledge and without any needed authentication.

5- the telnetd daemon no longer listen on its port after only one syn stealth scan (try nmap "-sS" option).This 
behavior suggest that this version of telnetd is unable to manage simultaneous connection requests resulting in a 
possible denial of service attack.

Have a nice day

******************

Gregory Duchemin
Security & networks Engineer

Email: veille () securite-internet com
http://www.securite-internet.com