Overview
The Avaya Argent Office contains a weak authentication mechanism for administrative access.
Description
The Avaya Argent Office uses a TFTP-based mechanism to accept requests for administrative functions. By requesting "files" from the device via its internal interface, administrators can trigger functions such as restarting the device. This mechanism does require a password, but the algorithm used to encrypt the password is both predictable and reversible. Therefore, an attacker who can listen to traffic on the same network segment as the device's administrative interface can easily obtain the password and either reuse it or reverse it for use elsewhere. |
Impact
This vulnerability allows attackers on the same shared network segment to perform unauthorized administrative functions. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was reported to the Bugtraq mailing list on 08/07/2001 by Jacek Lipkowski.
This document was written by Jeffrey P. Lanza.
Other Information
| CVE IDs: | None |
| Severity Metric: | 0.79 |
| Date Public: | 2001-08-07 |
| Date First Published: | 2003-10-30 |
| Date Last Updated: | 2003-10-30 21:51 UTC |
| Document Revision: | 8 |