CVE

Id
28387  
CVE No.
CVE-2007-5030  
Status
Candidate  
Description
Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to cause a denial of service (daemon crash) via packets containing options with large lengths, which trigger attempts at excessive memory allocation, as demonstrated by (1) the TSrvMsg constructor in SrvMessages/SrvMsg.cpp; the (2) TClntMsg, (3) TClntOptIAAddress, (4) TClntOptIAPrefix, (5) TOptVendorSpecInfo, and (6) TOptOptionRequest constructors; and the (7) TRelIfaceMgr::decodeRelayRepl, (8) TRelMsg::decodeOpts, and (9) TSrvIfaceMgr::decodeRelayForw methods.  
Phase
Assigned (20070921)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
294983 28387 CVE-2007-5030 FULLDISC:20070918 [MU-200709-02] Dibbler Remote Denial of Service Vulnerability  View
294984 28387 CVE-2007-5030 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065892.html  View
294985 28387 CVE-2007-5030 MISC:http://klub.com.pl/dhcpv6/  View
294986 28387 CVE-2007-5030 MISC:http://labs.musecurity.com/wp-content/uploads/2007/09/mu-200709-02.txt  View
294987 28387 CVE-2007-5030 BID:25726  View
294988 28387 CVE-2007-5030 URL:http://www.securityfocus.com/bid/25726  View
294989 28387 CVE-2007-5030 OSVDB:40568  View
294990 28387 CVE-2007-5030 URL:http://osvdb.org/40568  View
294991 28387 CVE-2007-5030 SECUNIA:26876  View
294992 28387 CVE-2007-5030 URL:http://secunia.com/advisories/26876  View
294993 28387 CVE-2007-5030 XF:dibbler-optionlength-dos(36684)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53977 JVNDB-2007-002669 Francisco Burzi PHP-Nuke の admin.php におけるクロスサイトリクエストフォージェリの脆弱性 Francisco Burzi PHP-Nuke の admin.php には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2007-5032 28387 5.1 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002669.html  View