Dell PowerConnect 3348 version 18.104.22.168, PowerConnect 3524p version 22.214.171.124, PowerConnect 5324 version 126.96.36.199, and possibly earlier versions contain a denial-of-service (CWE-20) vulnerability.
Dell OpenManage web application version 2.5 Build No. 1.19 and possibly earlier versions contain a denial-of-service (CWE-20) vulnerability.
Dell GoAhead web server login page also contains a denial-of-service (CWE-20) vulnerability.
CWE-20: Improper Input Validation
An unauthenticated attacker may be able to crash and reset the system that can lead to exploitation and execution of arbitrary code. CVE-2013-3594
We are currently unaware of a practical solution to this problem. Please consider the following workaround.
Thanks to Rijnard van Tonder for reporting this vulnerability.
This document was written by Adam Rauf.