Lucene search

[email protected]CVE-2006-4832

HistorySep 15, 2006 - 10:07 p.m.

CVE-2006-4832

2006-09-1522:07:00

[email protected]

web.nvd.nist.gov

verso netperformer

buffer overflow

remote attackers

denial of service

arbitrary code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.23 Low

EPSS

Percentile

96.6%

JSON

Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username.

Affected configurations

NVD

Node

verso_netperformerframe_relay_access_device_actMatchsdm-9200_series

verso_netperformerframe_relay_access_device_actMatchsdm-9300_series

verso_netperformerframe_relay_access_device_actMatchsdm-9500_series

CPENameOperatorVersion
verso_netperformer:frame_relay_access_device_actverso netperformer frame relay access device acteqsdm-9200_series
verso_netperformer:frame_relay_access_device_actverso netperformer frame relay access device acteqsdm-9300_series
verso_netperformer:frame_relay_access_device_actverso netperformer frame relay access device acteqsdm-9500_series

CPE	Name	Operator	Version
verso_netperformer:frame_relay_access_device_act	verso netperformer frame relay access device act	eq	sdm-9200_series
verso_netperformer:frame_relay_access_device_act	verso netperformer frame relay access device act	eq	sdm-9300_series
verso_netperformer:frame_relay_access_device_act	verso netperformer frame relay access device act	eq	sdm-9500_series

References

lists.grok.org.uk/pipermail/full-disclosure/2006-September/049434.html

secunia.com/advisories/21876

securityreason.com/securityalert/1583

www.securityfocus.com/archive/1/445883/100/0/threaded

www.securityfocus.com/bid/19989

www.vupen.com/english/advisories/2006/3605

exchange.xforce.ibmcloud.com/vulnerabilities/28908

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.23 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2006-4832

cvelist1 nvd1