Lucene search

[email protected]NVD:CVE-2007-6315

HistoryDec 12, 2007 - 12:46 a.m.

CVE-2007-6315

2007-12-1200:46:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.

Affected configurations

Nvd

Node

real_time_logicbarracudadrive_web_serverMatch3.7.2

real_time_logicbarracudadrive_web_server_home_serverMatch3.7.2

VendorProductVersionCPE
real_time_logicbarracudadrive_web_server3.7.2cpe:2.3:a:real_time_logic:barracudadrive_web_server:3.7.2:*:*:*:*:*:*:*
real_time_logicbarracudadrive_web_server_home_server3.7.2cpe:2.3:a:real_time_logic:barracudadrive_web_server_home_server:3.7.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
real_time_logic	barracudadrive_web_server	3.7.2	cpe:2.3:a:real_time_logic:barracudadrive_web_server:3.7.2:::::::*
real_time_logic	barracudadrive_web_server_home_server	3.7.2	cpe:2.3:a:real_time_logic:barracudadrive_web_server_home_server:3.7.2:::::::*

References

aluigi.altervista.org/adv/barradrive-adv.txt

secunia.com/advisories/28032

securityreason.com/securityalert/3434

www.securityfocus.com/archive/1/484833/100/0/threaded

www.securityfocus.com/bid/26805

exchange.xforce.ibmcloud.com/vulnerabilities/38974

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

Related for NVD:CVE-2007-6315

cve1 cvelist1 prion1 exploitdb1