Lucene search

[email protected]CVE-2007-3537

HistoryJul 03, 2007 - 8:30 p.m.

CVE-2007-3537

2007-07-0320:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3537

ibm os/400

i5/os

v4r2m0

v5r3m0

iseries

tcp syn-fin

firewall bypass

system security

7.2 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.059 Low

EPSS

Percentile

93.4%

JSON

IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules.

CPENameOperatorVersion
ibm:os_400ibm os 400eqv4r5
ibm:os_400ibm os 400eqv4r4
ibm:os_400ibm os 400eqv5r2m0
ibm:os_400ibm os 400eqr520
ibm:os_400ibm os 400eqv4r3
ibm:os_400ibm os 400eqv5r1
ibm:os_400ibm os 400eqv5r3m0
ibm:os_400ibm os 400eqv4r2m0

CPE	Name	Operator	Version
ibm:os_400	ibm os 400	eq	v4r5
ibm:os_400	ibm os 400	eq	v4r4
ibm:os_400	ibm os 400	eq	v5r2m0
ibm:os_400	ibm os 400	eq	r520
ibm:os_400	ibm os 400	eq	v4r3
ibm:os_400	ibm os 400	eq	v5r1
ibm:os_400	ibm os 400	eq	v5r3m0
ibm:os_400	ibm os 400	eq	v4r2m0

References

osvdb.org/37792

secunia.com/advisories/25885

www-1.ibm.com/support/docview.wss?uid=nas2742405285431729b86256e620067dc17

www.securityfocus.com/bid/24706

exchange.xforce.ibmcloud.com/vulnerabilities/35173

7.2 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.059 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2007-3537

cvelist1 prion1