Lucene search

[email protected]CVE-2007-2434

HistoryMay 02, 2007 - 10:19 a.m.

CVE-2007-2434

2007-05-0210:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2434

buffer overflow

asnsp.dll

aventail connect

denial of service

execute arbitrary code

dns query

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.067 Low

EPSS

Percentile

93.9%

JSON

Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed DNS query.

Affected configurations

NVD

Node

aventailaventail_connectRange≤4.1.2.13

CPENameOperatorVersion
aventail:aventail_connectaventail aventail connectle4.1.2.13

CPE	Name	Operator	Version
aventail:aventail_connect	aventail aventail connect	le	4.1.2.13

References

marc.info/?l=full-disclosure&m=117795069208458&w=2

www.securityfocus.com/bid/23717

www.vupen.com/english/advisories/2007/1793

exchange.xforce.ibmcloud.com/vulnerabilities/33972

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.067 Low

EPSS

Percentile

93.9%

JSON

Related for CVE-2007-2434

prion1 cvelist1 nvd1