Lucene search

PRIOn knowledge basePRION:CVE-2007-2344

HistoryApr 27, 2007 - 5:19 p.m.

Design/Logic Flaw

2007-04-2717:19:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.026 Low

EPSS

Percentile

90.0%

JSON

The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid “packet type” field.

CPENameOperatorVersion
netsight_consoleeq2.1
netsight_inventory_managereq2.1

CPE	Name	Operator	Version
	netsight_console	eq	2.1
	netsight_inventory_manager	eq	2.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

osvdb.org/34628

secunia.com/advisories/24764

www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

www.securitytracker.com/id?1017876

www.vupen.com/english/advisories/2007/1271

7.2 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.026 Low

EPSS

Percentile

90.0%

JSON

Related for PRION:CVE-2007-2344

cve1