Lucene search

[email protected]CVE-2007-2344

HistoryApr 27, 2007 - 5:19 p.m.

CVE-2007-2344

2007-04-2717:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2344

bootpd

enterasys

netsight console

netsight inventory manager

windows

denial of service

7.5 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

89.2%

JSON

The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid “packet type” field.

CPENameOperatorVersion
enterasys:netsight_inventory_managerenterasys netsight inventory managereq2.1
enterasys:netsight_consoleenterasys netsight consoleeq2.1

CPE	Name	Operator	Version
enterasys:netsight_inventory_manager	enterasys netsight inventory manager	eq	2.1
enterasys:netsight_console	enterasys netsight console	eq	2.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

osvdb.org/34628

secunia.com/advisories/24764

www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

www.securitytracker.com/id?1017876

www.vupen.com/english/advisories/2007/1271

7.5 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

89.2%

JSON

Related for CVE-2007-2344

prion1