Lucene search

Kaspersky LabKLA10333

HistorySep 09, 2009 - 12:00 a.m.

KLA10333 DoS vulnerability in TFTP

2009-09-0900:00:00

Kaspersky Lab

threats.kaspersky.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.3%

JSON

An unspecified vulnerability was found in the TFTP Server. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed request.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Related products

SolarWinds-TFTP-Server

CVE list

CVE-2009-3115 critical

Solution

Update to latest version

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

SolarWinds TFTP Server versions 9.2.0.111 and earlier

References

statistics.securelist.com/

threats.kaspersky.com/en/product/SolarWinds-TFTP-Server/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.3%

JSON

Related for KLA10333