Hitachi NetInsight II Port Discovery Service Malformed Format Data DoS
2006-01-20T07:48:15
ID OSVDB:22676 Type osvdb Reporter OSVDB Modified 2006-01-20T07:48:15
Description
Vulnerability Description
NetInsight II contains a flaw that may allow a local denial of service. The issue is triggered when the Port Discovery service receives malformed data packets, and will result in loss of availability for the service.
Solution Description
Upgrade to version 07-50-01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Short Description
NetInsight II contains a flaw that may allow a local denial of service. The issue is triggered when the Port Discovery service receives malformed data packets, and will result in loss of availability for the service.
{"id": "OSVDB:22676", "bulletinFamily": "software", "title": "Hitachi NetInsight II Port Discovery Service Malformed Format Data DoS", "description": "## Vulnerability Description\nNetInsight II contains a flaw that may allow a local denial of service. The issue is triggered when the Port Discovery service receives malformed data packets, and will result in loss of availability for the service.\n## Solution Description\nUpgrade to version 07-50-01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nNetInsight II contains a flaw that may allow a local denial of service. The issue is triggered when the Port Discovery service receives malformed data packets, and will result in loss of availability for the service.\n## References:\n[Vendor Specific Advisory URL](http://www.hitachi-support.com/security_e/vuls_e/HS05-027_e/index-e.html)\nSecurity Tracker: 1015520\n[Secunia Advisory ID:18538](https://secuniaresearch.flexerasoftware.com/advisories/18538/)\nKeyword: HS05-027\nFrSIRT Advisory: ADV-2006-0267\n[CVE-2006-0343](https://vulners.com/cve/CVE-2006-0343)\nBugtraq ID: 16327\n", "published": "2006-01-20T07:48:15", "modified": "2006-01-20T07:48:15", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:22676", "reporter": "OSVDB", "references": [], "cvelist": ["CVE-2006-0343"], "type": "osvdb", "lastseen": "2017-04-28T13:20:19", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "12f1fba69a42c329755a81eebaa7bcdc"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "3ef3f66507c7f7358da6cf61f165b6fb"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "fe0c3ca4f2984ba5bdcc89aa8987f104"}, {"key": "href", "hash": "951c27858d2450d39dd916daebeadd15"}, {"key": "modified", "hash": "d1799fa8340c5f3f01e112c61035877f"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "d1799fa8340c5f3f01e112c61035877f"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "26f4537b55fc7a0d3822f155d6a90198"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "hash": "0d3866ea0001d51e92c4c87aa6d9c48427c8bf5727cc84a66021076f86b4f27f", "viewCount": 0, "objectVersion": "1.2", "affectedSoftware": [{"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-07"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-11"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-09"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-08"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-06"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-04"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-05"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-01"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-00"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Advance 07-50"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-10"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-02"}, {"name": "JP1/NetInsight II - Port Discovery", "operator": "eq", "version": "Standard 07-03"}], "enchantments": {"vulnersScore": 5.0}}
{"result": {"cve": [{"id": "CVE-2006-0343", "type": "cve", "title": "CVE-2006-0343", "description": "Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving \"invalid format data\".", "published": "2006-01-20T19:03:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0343", "cvelist": ["CVE-2006-0343"], "lastseen": "2017-07-20T10:49:03"}]}}
