Lucene search

[email protected]CVE-2007-0193

HistoryJan 12, 2007 - 5:04 a.m.

CVE-2007-0193

2007-01-1205:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

fon

la fonera

routers

dns

service

vulnerability

cve-2007-0193

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.1%

JSON

FON La Fonera routers do not properly limit DNS service access by unauthenticated clients, which allows remote attackers to tunnel traffic via DNS requests for hosts that should not be accessible before authentication.

CPENameOperatorVersion
fon:la_fonerafon la foneraeq*

CPE	Name	Operator	Version
fon:la_fonera	fon la fonera	eq	*

References

osvdb.org/33441

www.securityfocus.com/archive/1/456128/100/0/threaded

www.securityfocus.com/archive/1/456344/100/0/threaded

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for CVE-2007-0193

prion1