Lucene search

[email protected]CVE-2006-7054

HistoryFeb 24, 2007 - 12:28 a.m.

CVE-2006-7054

2007-02-2400:28:00

[email protected]

web.nvd.nist.gov

arkoon

fast360

utm

appliances

dns

denial of service

reboot

cve-2006-7054

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 through 3.3, and 4.0 allows remote attackers to cause a denial of service (reboot) via a malformed DNS message, as demonstrated by the PROTOS DNS testing suite.

Affected configurations

NVD

Node

arkoonfast360Match3.0

arkoonfast360Match3.0_29

arkoonfast360Match3.1

arkoonfast360Match3.2

arkoonfast360Match3.3

arkoonfast360Match4.0_1

CPENameOperatorVersion
arkoon:fast360arkoon fast360eq3.0
arkoon:fast360arkoon fast360eq3.0_29
arkoon:fast360arkoon fast360eq3.1
arkoon:fast360arkoon fast360eq3.2
arkoon:fast360arkoon fast360eq3.3
arkoon:fast360arkoon fast360eq4.0_1

CPE	Name	Operator	Version
arkoon:fast360	arkoon fast360	eq	3.0
arkoon:fast360	arkoon fast360	eq	3.0_29
arkoon:fast360	arkoon fast360	eq	3.1
arkoon:fast360	arkoon fast360	eq	3.2
arkoon:fast360	arkoon fast360	eq	3.3
arkoon:fast360	arkoon fast360	eq	4.0_1

References

secunia.com/advisories/20618

www.arkoon.fr/upload/alertes/33AK-2006-02-EN-1.0_FAST_DNS_DOS.pdf

www.ee.oulu.fi/research/ouspg/protos/testing/c09/dns/index.html

www.vupen.com/english/advisories/2006/2217

exchange.xforce.ibmcloud.com/vulnerabilities/27004

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for CVE-2006-7054

nvd1 cvelist1