Abstract
Service providers are adopting open-source technology and open standards in their next-generation networks. This gives them great flexibility and spurs innovation. But it also means that they must ensure proper interoperability between components; otherwise, vulnerabilities might get introduced in their networks. Unfortunately, state-of-the-art vulnerability scanning tools are unable to handle the complexity of service provider networks. In this paper we show how interoperability issues between seemingly reliable components introduce an injection vulnerability that allows us to control a firewall-protected network management system. We also extend the state-of-the-art in black-box fuzzing to give service providers a tool for combating similar issues.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
