MidnightBSD

Advisories for rabidhamster

CVE-2012-1221 MEDIUM

Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
rabidhamster r2/ *
rabidhamster r2/extreme 1.51
CVE-2012-1222 HIGH

Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
rabidhamster r2/extreme *
rabidhamster r2/extreme 1.51
CVE-2012-1223 MEDIUM

RabidHamster R2/Extreme 1.65 and earlier uses a small search space of values for the PIN number, which allows remote attackers to obtain the PIN number via a brute force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
rabidhamster r2/extreme *
rabidhamster r2/extreme 1.51