The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | tinyxml | <= 2.6.2-6 | tinyxml_2.6.2-6_all.deb |
Debian | 11 | all | tinyxml | <= 2.6.2-4+deb11u1 | tinyxml_2.6.2-4+deb11u1_all.deb |
Debian | 10 | all | tinyxml | <= 2.6.2-4 | tinyxml_2.6.2-4_all.deb |
Debian | 999 | all | tinyxml | <= 2.6.2-6 | tinyxml_2.6.2-6_all.deb |