F-Secure Policy Manager up to 7.00 fsmsh.dll denial of service
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
4.8 | $0-$5k | 0.00 |
A vulnerability has been found in F-Secure Policy Manager up to 7.00 (Policy Management Software) and classified as problematic. This vulnerability affects an unknown code in the library fsmsh.dll. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. CVE summarizes:
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs.
The bug was discovered 05/29/2007. The weakness was presented 05/29/2007 by David Maciejak (Website). The advisory is shared for download at f-secure.com. This vulnerability was named CVE-2007-2964 since 05/31/2007. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a public exploit are known.
It is possible to download the exploit at securityfocus.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 1 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 25402 (F-Secure Policy Manager Server fsmsh.dll module DoS), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Denial of Service and running in the context r.
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the databases at X-Force (34584) and Tenable (25402).
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.8
VulDB Base Score: 5.3
VulDB Temp Score: 4.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
ATT&CK: T1499
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 25402
Nessus Name: F-Secure Policy Manager Server fsmsh.dll module DoS
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 80061
OpenVAS Name: F-Secure Policy Manager Server fsmsh.dll module DoS
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
05/29/2007 🔍05/29/2007 🔍
05/29/2007 🔍
05/30/2007 🔍
05/30/2007 🔍
05/30/2007 🔍
05/30/2007 🔍
05/31/2007 🔍
05/31/2007 🔍
06/04/2007 🔍
06/25/2007 🔍
03/15/2015 🔍
07/20/2019 🔍
Sources
Vendor: f-secure.comAdvisory: f-secure.com
Researcher: David Maciejak
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2007-2964 (🔍)
X-Force: 34584
SecurityTracker: 1018149
Vulnerability Center: 15443 - F-Secure Policy Manager Server Vulnerability Allows Remote Attacker to Cause DoS, High
SecurityFocus: 24233 - F-Secure Policy Manager FSMSH.DLL Remote Denial of Service Vulnerability
Secunia: 25449
OSVDB: 36723 - F-Secure Policy Manager Server fsmsh.dll Host Module Remote DoS
Vupen: ADV-2007-1986
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 03/15/2015 15:58Updated: 07/20/2019 21:04
Changes: 03/15/2015 15:58 (84), 07/20/2019 21:04 (3)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.