Vulnerability

    Nbase-Xyplex

Affected

    Nbase-Xyplex EdgeBlaster MultiFunction WAN Access Router

Description

    SilverBack Technologies has discovered a Denial of Service  attack
    against Nbase-Xyplex EdgeBlaster router:

        http://www.nbase-xyplex.com/products/wan/brdg_routers/edgeblaster.cfm

    The router tested will stop  passing traffic when scanned for  the
    FormMail  CGI  vulnerability.   The  test  was preformed from both
    linux, and  NT devices  running NAI's  CyberCop scanning software.
    When the  EdgeBlaster is  scanned with  CyberCop module  10017 the
    device does  not dump  core or  reboot.   To access  to the device
    after the scan you must power cycle the router.

Solution

    Nbase-Xyplex has  been contacted  and is  currently tracking  this
    support call.   Technical support  explained that  they  recreated
    the problem in  a lab environment  and have escalated  the problem
    to engineering.