Lucene search

K
cveMitreCVE-2009-3115
HistorySep 09, 2009 - 10:30 p.m.

CVE-2009-3115

2009-09-0922:30:00
CWE-20
mitre
web.nvd.nist.gov
26
solarwinds
tftp server
9.2.0.111
denial of service
dos
crafted oack request
cve-2009-3115

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.032

Percentile

91.2%

SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd
Node
solarwindstftp_serverRange9.2.0.111
OR
solarwindstftp_serverMatch5.0.55standard
OR
solarwindstftp_serverMatch5.0.60standard
OR
solarwindstftp_serverMatch8.1
OR
solarwindstftp_serverMatch8.2
VendorProductVersionCPE
solarwindstftp_server*cpe:2.3:a:solarwinds:tftp_server:*:*:*:*:*:*:*:*
solarwindstftp_server5.0.55cpe:2.3:a:solarwinds:tftp_server:5.0.55:*:standard:*:*:*:*:*
solarwindstftp_server5.0.60cpe:2.3:a:solarwinds:tftp_server:5.0.60:*:standard:*:*:*:*:*
solarwindstftp_server8.1cpe:2.3:a:solarwinds:tftp_server:8.1:*:*:*:*:*:*:*
solarwindstftp_server8.2cpe:2.3:a:solarwinds:tftp_server:8.2:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.032

Percentile

91.2%