Lucene search

[email protected]CVE-2007-2344

HistoryApr 27, 2007 - 5:19 p.m.

CVE-2007-2344

2007-04-2717:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2344

bootpd

enterasys

netsight console

netsight inventory manager

windows

denial of service

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.4%

JSON

The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid “packet type” field.

Affected configurations

NVD

Node

enterasysnetsight_consoleMatch2.1

enterasysnetsight_inventory_managerMatch2.1

CPENameOperatorVersion
enterasys:netsight_consoleenterasys netsight consoleeq2.1
enterasys:netsight_inventory_managerenterasys netsight inventory managereq2.1

CPE	Name	Operator	Version
enterasys:netsight_console	enterasys netsight console	eq	2.1
enterasys:netsight_inventory_manager	enterasys netsight inventory manager	eq	2.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=506

osvdb.org/34628

secunia.com/advisories/24764

www.enterasys.com/pub/NetSight/Patches/SP1/NetSight_SP1.pdf

www.securitytracker.com/id?1017876

www.vupen.com/english/advisories/2007/1271

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.4%

JSON

Related for CVE-2007-2344

nvd1 prion1 cvelist1