Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:659515
HistoryJan 12, 2012 - 12:00 a.m.

Wibu-Systems CodeMeter remote denial of service vulnerability

2012-01-1200:00:00
www.kb.cert.org
19

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.088 Low

EPSS

Percentile

94.6%

JSON

Overview

Wibu-Systems CodeMeter contains a remote denial of service vulnerability when receiving specially crafted packets.

Description

Wibu-Systems CodeMeter v4.30c and v4.10b contain a remote denial of service vulnerability when receiving specially crafted packets. Wibu-Systems CodeMeter listens on TCP/22350 for incoming connections. An attacker can send a specially crafted packet causing CodeMeter.exe to crash.

Impact

A remote, unauthenticated attacker could cause the Wibu-Systems CodeMeter application to crash creating a denial-of-service condition.

Solution

Apply an Update

This vulnerability has been addressed in Wibu-Systems CodeMeter Software v4.40.

Restrict access

Restrict access to the Wibu-Systems CodeMeter network interface to trusted users and networks.

Vendor Information

659515

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

AccessData Affected

Updated: January 16, 2012

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Guidance Software, Inc. Affected

Updated: January 16, 2012

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wibu-Systems __ Affected

Notified: October 25, 2011 Updated: January 03, 2012

Status

Affected

Vendor Statement

This vulnerability has been addressed in Wibu-Systems CodeMeter Software v4.40.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to Kuang-Chun Hung of Information and Communication Security Technology Center for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2011-4057
Severity Metric: 0.14 Date Public:

Related

cve 1
nessus 1
cvelist 1
jvn 1
prion 1
nvd 1
openvas 1
cve
cve
CVE-2011-4057
2022-10-03 16:15:13
nessus
nessus
CodeMeter TCP Packet Parsing Unspecified Remote DoS
2012-02-02 00:00:00
cvelist
cvelist
CVE-2011-4057
2022-10-03 16:15:13
jvn
jvn
JVN#78901873: Wibu-Systems CodeMeter Runtime vulnerable to denial-of-service
2012-01-11 00:00:00
prion
prion
Design/Logic Flaw
2012-01-13 18:55:00
nvd
nvd
CVE-2011-4057
2012-01-13 18:55:03
openvas
openvas
Wibu-Systems CodeMeter Runtime TCP Packets Denial of Service Vulnerability
2012-01-19 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.088 Low

EPSS

Percentile

94.6%

JSON
Related for VU:659515
cve1nessus1cvelist1jvn1prion1nvd1openvas1