Novell BorderManager Port 2000 Telnet DoS

medium Nessus Plugin ID 10163

Synopsis

The remote service is vulnerable to a denial of service.

Description

The port 2000 is open, and Novell BorderManager
*might* be listening on it.

There is a denial of service attack that allows an intruder to make a Novell BorderManager 3.5 slowly die.

If you see an error message on this computer telling you 'Short Term Memory Allocator is out of Memory' then you are vulnerable to this attack.

An attacker may use this flaw to prevent this service from doing its job and to prevent the user of this station to work on it.

*** If there is no error message whatsoever on this
*** computer, then this is likely a false positive.

Solution

Contact Novell and ask for a patch or filter incoming TCP connections to port 2000.

Plugin Details

Severity: Medium

ID: 10163

File Name: novell_border_manager.nasl

Version: 1.21

Type: remote

Family: Firewalls

Published: 2/9/2000

Updated: 7/16/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:novell:bordermanager

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/17/2000

Vulnerability Publication Date: 2/4/2000

Reference Information

CVE: CVE-2000-0152