Lucene search

[email protected]NVD:CVE-2007-5256

HistoryOct 06, 2007 - 5:17 p.m.

CVE-2007-5256

2007-10-0617:17:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.227

Percentile

96.6%

JSON

Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command.

Affected configurations

Nvd

Node

mcdufsdMatch2.052_d9

mcdufsdMatch3.000_d9

VendorProductVersionCPE
mcdufsd2.052_d9cpe:2.3:a:mcdu:fsd:2.052_d9:*:*:*:*:*:*:*
mcdufsd3.000_d9cpe:2.3:a:mcdu:fsd:3.000_d9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mcdu	fsd	2.052_d9	cpe:2.3:a:mcdu:fsd:2.052_d9:::::::*
mcdu	fsd	3.000_d9	cpe:2.3:a:mcdu:fsd:3.000_d9:::::::*

References

aluigi.altervista.org/adv/fsdbof-adv.txt

secunia.com/advisories/27008

secunia.com/advisories/27045

securityreason.com/securityalert/3195

www.securityfocus.com/archive/1/481221/100/0/threaded

www.securityfocus.com/archive/1/481495/100/0/threaded

www.securityfocus.com/bid/25883

www.vupen.com/english/advisories/2007/3334

www.exploit-db.com/exploits/4484

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

High

EPSS

0.227

Percentile

96.6%

JSON

Related for NVD:CVE-2007-5256

prion1 cvelist1 exploitdb3 cve1