Lucene search

[email protected]NVD:CVE-2008-1689

HistoryApr 07, 2008 - 5:44 p.m.

CVE-2008-1689

2008-04-0717:44:00

CWE-399

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

seattle_lab_softwareslmail_proRange≤6.3.1.0

seattle_lab_softwareslmail_proMatch5.5

seattle_lab_softwareslmail_proMatch6.1

seattle_lab_softwareslmail_proMatch6.2

seattle_lab_softwareslmail_proMatch6.2.1

seattle_lab_softwareslmail_proMatch6.3

References

aluigi.altervista.org/adv/slmaildos-adv.txt

aluigi.org/poc/slmaildos.zip

secunia.com/advisories/29614

www.securityfocus.com/bid/28505

www.vupen.com/english/advisories/2008/1039/references

exchange.xforce.ibmcloud.com/vulnerabilities/41532

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

Related for NVD:CVE-2008-1689

cve1 prion1 cvelist1