NVD

Id
738  
Name
CVE-2008-0767  
Description
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-03  
Published
2008-02-13  
Modified Date
2011-03-07  
Seq
2008-0767  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
4663 738 CVE-2008-0767 http://aluigi.altervista.org/adv/ezipirla-adv.txt  View
4664 738 CVE-2008-0767 http://aluigi.org/poc/ezipirla.zip  View
4665 738 CVE-2008-0767 http://www.grouplogic.com/files/ez/hot/hotFix51.cfm  View
4666 738 CVE-2008-0767 20080211 Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15  View
4667 738 CVE-2008-0767 27718  View
4668 738 CVE-2008-0767 ADV-2008-0485  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47413 JVNDB-2008-002723 ExtremeZ-IP File などの ExtremeZ-IP.exe におけるサービス運用妨害 (DoS) の脆弱性 ExtremeZ-IP File および Print Server の ExtremeZ-IP.exe は、パケット長と一致している特定の "多大な URL" フィールドを検証しないため、サービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2008-0767 30880 CVE-2008-0767 738 5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002723.html 2008-02-13 2012-06-26 View