CVE

Id
28386  
CVE No.
CVE-2007-5029  
Status
Candidate  
Description
Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in SrvMessages/SrvMsg.cpp when (1) reading the option code and option length and (2) parsing options.  
Phase
Assigned (20070921)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
294972 28386 CVE-2007-5029 FULLDISC:20070918 [MU-200709-02] Dibbler Remote Denial of Service Vulnerability  View
294973 28386 CVE-2007-5029 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065892.html  View
294974 28386 CVE-2007-5029 MISC:http://klub.com.pl/dhcpv6/  View
294975 28386 CVE-2007-5029 MISC:http://labs.musecurity.com/wp-content/uploads/2007/09/mu-200709-02.txt  View
294976 28386 CVE-2007-5029 BID:25726  View
294977 28386 CVE-2007-5029 URL:http://www.securityfocus.com/bid/25726  View
294978 28386 CVE-2007-5029 OSVDB:40569  View
294979 28386 CVE-2007-5029 URL:http://osvdb.org/40569  View
294980 28386 CVE-2007-5029 SECUNIA:26876  View
294981 28386 CVE-2007-5029 URL:http://secunia.com/advisories/26876  View
294982 28386 CVE-2007-5029 XF:dibbler-invalidoption-dos(36685)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53976 JVNDB-2007-002668 Dibbler の SrvOptions/SrvOptIA_NA.cpp におけるサービス運用妨害 (DoS) の脆弱性 Dibbler の SrvOptions/SrvOptIA_NA.cpp の TSrvOptIA_NA::rebind メソッド には、サービス運用妨害 (NULL デリファレンスおよびデーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2007-5031 28386 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002668.html  View