Security Bulletin: IBM Security Network Intrusion Prevention System is affected by a vulnerability in Apache (CVE-2007-6750)

Summary

A security vulnerability have been discovered in Apache used with IBM Security Intrusion Prevention System.

Vulnerability Details

CVEID:CVE-2007-6750

**DESCRIPTION:******Apache HTTP Server is vulnerable to a denial of service. By sending specially crafted partial HTTP requests, a remote attacker could exploit this vulnerability to cause a daemon outage.

CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/#/vulnerabilities/72345&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Products and Versions

Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000

Firmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3

Remediation/Fixes

Product

| VRMF| Remediation/First Fix
—|—|—
IBM Security Network Intrusion Prevention System | Firmware version 4.6.2| 4.6.2.0-ISS-ProvG-AllModels-System-FP0008
IBM Security Network Intrusion Prevention System | Firmware version 4.6.1| 4.6.1.0-ISS-ProvG-AllModels-System-FP0012
IBM Security Network Intrusion Prevention System | Firmware version 4.6| 4.6.0.0-ISS-ProvG-AllModels-System-FP0010
IBM Security Network Intrusion Prevention System | Firmware version 4.5| 4.5.0.0-ISS-ProvG-AllModels-System-FP0012
IBM Security Network Intrusion Prevention System | Firmware version 4.4| 4.4.0.0-ISS-ProvG-AllModels-System-FP0012
IBM Security Network Intrusion Prevention System | Firmware version 4.3| 4.3.0.0-ISS-ProvG-AllModels-System-FP0010

Workarounds and Mitigations

None