Lucene search

[email protected]CVE-2006-6411

HistoryDec 10, 2006 - 2:28 a.m.

CVE-2006-6411

2006-12-1002:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

linksys

wip 330

wireless-g

ip phone

denial of service

vulnerability

cve-2006-6411

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.047 Low

EPSS

Percentile

92.5%

JSON

PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap.

CPENameOperatorVersion
linksys:wip_330_wireless-g_ip_phonelinksys wip 330 wireless-g ip phoneeq1.0.6_a

CPE	Name	Operator	Version
linksys:wip_330_wireless-g_ip_phone	linksys wip 330 wireless-g ip phone	eq	1.0.6_a

References

lists.grok.org.uk/pipermail/full-disclosure/2006-December/051140.html

secunia.com/advisories/23256

securityreason.com/securityalert/2009

www.securityfocus.com/archive/1/453754/100/0/threaded

www.securityfocus.com/bid/21475

www.vupen.com/english/advisories/2006/4894

exchange.xforce.ibmcloud.com/vulnerabilities/30771

7.4 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.047 Low

EPSS

Percentile

92.5%

JSON