Lucene search

[email protected]CVE-2007-0193

HistoryJan 12, 2007 - 5:04 a.m.

CVE-2007-0193

2007-01-1205:04:00

[email protected]

web.nvd.nist.gov

fon

la fonera

routers

dns

service

vulnerability

cve-2007-0193

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

84.9%

JSON

FON La Fonera routers do not properly limit DNS service access by unauthenticated clients, which allows remote attackers to tunnel traffic via DNS requests for hosts that should not be accessible before authentication.

Affected configurations

NVD

Node

fonla_fonera

CPENameOperatorVersion
fon:la_fonerafon la foneraeq*

CPE	Name	Operator	Version
fon:la_fonera	fon la fonera	eq	*

References

osvdb.org/33441

www.securityfocus.com/archive/1/456128/100/0/threaded

www.securityfocus.com/archive/1/456344/100/0/threaded

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2007-0193

prion1 cvelist1 nvd1