Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-3707
HistoryDec 01, 2013 - 5:55 p.m.

CVE-2013-3707

2013-12-0117:55:05
CWE-20
[email protected]
web.nvd.nist.gov
15
novell
httpstk
novell-nrm
oes 2
oes 11
linux
denial of service
tcp connections
cve-2013-3707
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.693 Medium

EPSS

Percentile

98.0%

JSON

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.

Affected configurations

NVD
Node
novellopen_enterprise_serverMatch11.0
OR
novellopen_enterprise_serverMatch11.0sp1

Related

checkpoint_advisories 1
prion 1
cvelist 1
nvd 1
checkpoint_advisories
checkpoint_advisories
Novell Open Enterprise Server HTTPSTK Denial of Service (CVE-2013-3707)
2014-02-23 00:00:00
prion
prion
Design/Logic Flaw
2013-12-01 17:55:00
cvelist
cvelist
CVE-2013-3707
2013-12-01 17:00:00
nvd
nvd
CVE-2013-3707
2013-12-01 17:55:05

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.693 Medium

EPSS

Percentile

98.0%

JSON
Related for CVE-2013-3707
checkpoint_advisories1prion1cvelist1nvd1