Lucene search

[email protected]CVE-2007-6562

HistoryDec 28, 2007 - 12:46 a.m.

CVE-2007-6562

2007-12-2800:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-6562

stack-based buffer overflow

denial of service

fd_set

tcpreen

libsolve/sockprot.cpp

src/bridge.cpp

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp.

Affected configurations

NVD

Node

tcpreentcpreenRange≤1.4.3

CPENameOperatorVersion
tcpreen:tcpreentcpreenle1.4.3

CPE	Name	Operator	Version
tcpreen:tcpreen	tcpreen	le	1.4.3

References

anonsvn.remlab.net/svn/tcpreen/tags/1.4.4/NEWS

osvdb.org/40317

osvdb.org/40318

secunia.com/advisories/28217

secunia.com/advisories/28254

www.debian.org/security/2008/dsa-1443

www.securityfocus.com/bid/27018

www.vupen.com/english/advisories/2007/4318

exchange.xforce.ibmcloud.com/vulnerabilities/39241

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2007-6562

osv1 nvd1 openvas2 securityvulns1 cvelist1 nessus1 debian1 ubuntucve1 prion1 debiancve1