CVE-2014-7249 Information

Description

Buffer overflow on the Allied Telesis AR440S AR441S AR442S AR745 AR750S AR750S-DP AT-8624POE AT-8624T/2M AT-8648T/2SP AT-8748XL AT-8848 AT-9816GB AT-9924T AT-9924Ts CentreCOM AR415S CentreCOM AR450S CentreCOM AR550S CentreCOM AR570S CentreCOM 8700SL CentreCOM 8948XL CentreCOM 9924SP CentreCOM 9924T/4SP Rapier 48i and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.

Reference

http://jvn.jp/en/jp/JVN22440986/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000132 http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.html