Search...

CVE-2006-0362

2006-01-22T20:03:00

ID CVE-2006-0362
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:29:00

Description

TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, and TOS 2.2.x before 2.2.1.6506, allow remote attackers to cause a denial of service (CPU consumption) via an unknown vector, probably involving an HTTP request with a negative number in the Content-Length header.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-0362", "bulletinFamily": "NVD", "title": "CVE-2006-0362", "description": "TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, and TOS 2.2.x before 2.2.1.6506, allow remote attackers to cause a denial of service (CPU consumption) via an unknown vector, probably involving an HTTP request with a negative number in the Content-Length header.", "published": "2006-01-22T20:03:00", "modified": "2017-07-20T01:29:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0362", "reporter": "cve@mitre.org", "references": ["http://www.eweek.com/article2/0,1759,1912048,00.asp", "http://secunia.com/advisories/18515", "http://isc.sans.org/diary.php?storyid=1042", "http://www.securityfocus.com/bid/16299", "http://www.osvdb.org/22504", "https://exchange.xforce.ibmcloud.com/vulnerabilities/24200", "http://securitytracker.com/id?1015511"], "cvelist": ["CVE-2006-0362"], "type": "cve", "lastseen": "2019-05-29T18:08:30", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "32a32b959ed1a5fa5c5e3fea6bf3cf9d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "da3e55e12f3f70f3a193776594efd09b"}, {"key": "cpe23", "hash": "79677aeb321027bd29e6626e4c1e999e"}, {"key": "cvelist", "hash": "cc6449bf31a13c1487777f8c9abb5df5"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "1c0be0631b7bf4c3a8c83298e68c99eb"}, {"key": "description", "hash": "4806eeb63b4bdec3919fcefe018dc245"}, {"key": "href", "hash": "e9d6f45b2f7dcb3fb8ef10b321563d37"}, {"key": "modified", "hash": "8beb21540db0e4c02532c0e597356857"}, {"key": "published", "hash": "432d0865e1673545a461da1365702477"}, {"key": "references", "hash": "26a642bffb242a6e087a9d03656c7b98"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "3cab601cedffd8070b907c3ccbf684bd"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "e873c91d16f4ec1d129e8c42f0122a80314b0129cb2db594d40b3864d3d1163a", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:22504"]}], "modified": "2019-05-29T18:08:30"}, "score": {"value": 5.3, "vector": "NONE", "modified": "2019-05-29T18:08:30"}, "vulnersScore": 5.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:3com:tippingpoint_ips_tos:2.2.0.6504", "cpe:/o:3com:tippingpoint_ips_tos:2.2.0.6504"], "affectedSoftware": [{"name": "3com tippingpoint_ips_tos", "operator": "eq", "version": "2.2.0.6504"}, {"name": "3com tippingpoint_ips_tos", "operator": "le", "version": "2.1.3.6323"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:3com:tippingpoint_ips_tos:2.2.0.6504:*:*:*:*:*:*:*"], "cwe": ["CWE-399"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "description": "## Vulnerability Description\nTippingPoint contains a flaw that may allow a remote denial of service. The issue is triggered when an HTTP request with a negative Content-Length is observed, and will result in loss of availability for the platform.\n## Solution Description\nUpgrade to TOS version 2.1.4.6324, 2.2.1.6506 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nTippingPoint contains a flaw that may allow a remote denial of service. The issue is triggered when an HTTP request with a negative Content-Length is observed, and will result in loss of availability for the platform.\n## References:\nVendor URL: http://www.tippingpoint.com/products_ips.html\nSecurity Tracker: 1015511\n[Secunia Advisory ID:18515](https://secuniaresearch.flexerasoftware.com/advisories/18515/)\nOther Advisory URL: http://isc.sans.org/diary.php?storyid=1042\nNews Article: http://www.eweek.com/article2/0,1895,1912048,00.asp\n[CVE-2006-0362](https://vulners.com/cve/CVE-2006-0362)\nBugtraq ID: 16299\n", "modified": "2006-01-17T22:45:56", "published": "2006-01-17T22:45:56", "href": "https://vulners.com/osvdb/OSVDB:22504", "id": "OSVDB:22504", "type": "osvdb", "title": "3Com TippingPoint IPS Malformed HTTP Request DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}