CVE-2010-3071

2010-10-1405:57:57

[email protected]

web.nvd.nist.gov

bip

denial of service

cve-2010-3071

security vulnerability

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.8%

JSON

bip before 0.8.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an empty USER command.

Affected configurations

NVD

Node

duckcorpbipRange≤0.8.5

duckcorpbipMatch0.7.0

duckcorpbipMatch0.7.1

duckcorpbipMatch0.7.2

duckcorpbipMatch0.7.3

duckcorpbipMatch0.7.4

duckcorpbipMatch0.7.5

duckcorpbipMatch0.8.0

duckcorpbipMatch0.8.0rc0

duckcorpbipMatch0.8.0rc1

duckcorpbipMatch0.8.1

duckcorpbipMatch0.8.2

duckcorpbipMatch0.8.3

duckcorpbipMatch0.8.4

CPENameOperatorVersion
duckcorp:bipduckcorp biple0.8.5
duckcorp:bipduckcorp bipeq0.7.0
duckcorp:bipduckcorp bipeq0.7.1
duckcorp:bipduckcorp bipeq0.7.2
duckcorp:bipduckcorp bipeq0.7.3
duckcorp:bipduckcorp bipeq0.7.4
duckcorp:bipduckcorp bipeq0.7.5
duckcorp:bipduckcorp bipeq0.8.0
duckcorp:bipduckcorp bipeq0.8.1
duckcorp:bipduckcorp bipeq0.8.2

CPE	Name	Operator	Version
duckcorp:bip	duckcorp bip	le	0.8.5
duckcorp:bip	duckcorp bip	eq	0.7.0
duckcorp:bip	duckcorp bip	eq	0.7.1
duckcorp:bip	duckcorp bip	eq	0.7.2
duckcorp:bip	duckcorp bip	eq	0.7.3
duckcorp:bip	duckcorp bip	eq	0.7.4
duckcorp:bip	duckcorp bip	eq	0.7.5
duckcorp:bip	duckcorp bip	eq	0.8.0
duckcorp:bip	duckcorp bip	eq	0.8.1
duckcorp:bip	duckcorp bip	eq	0.8.2