Lucene search

MitreCVE-2008-1411

HistoryMar 20, 2008 - 10:44 a.m.

CVE-2008-1411

2008-03-2010:44:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-1411

nvd

acronis snap deploy

pxe server

denial of service

tftp

remote attackers

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.028

Percentile

90.6%

JSON

The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference.

Affected configurations

Nvd

Node

acronissnap_deployMatch2.0.0.1076

VendorProductVersionCPE
acronissnap_deploy2.0.0.1076cpe:2.3:a:acronis:snap_deploy:2.0.0.1076:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
acronis	snap_deploy	2.0.0.1076	cpe:2.3:a:acronis:snap_deploy:2.0.0.1076:::::::*

References

aluigi.altervista.org/adv/acropxe-adv.txt

secunia.com/advisories/29305

securityreason.com/securityalert/3758

www.securityfocus.com/archive/1/489358/100/0/threaded

www.securityfocus.com/bid/28182

www.vupen.com/english/advisories/2008/0814/references

exchange.xforce.ibmcloud.com/vulnerabilities/41075

www.exploit-db.com/exploits/5228

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.028

Percentile

90.6%

JSON

Related for CVE-2008-1411