VDB-100409 · CVE-2017-6613 · BID 97924

Cisco Prime Network Registrar till 8.3.4 DNS Input Packet Processor förnekande av tjänsten

En problematiskt svag punkt hittades i Cisco Prime Network Registrar till 8.3.4. Som påverkar en okänd funktion av komponenten DNS Input Packet Processor. En uppgradering till den version 8.3.5 att åtgärda problemet.

Tidslinje

Användare

156

Fält

advisory_person_name1
vulnerability_cvss2_nvd_basescore1
source_sectracker1
source_securityfocus_class1
source_securityfocus_date1

Commit Conf

100%59
90%9
70%2
98%1

Approve Conf

100%59
90%9
70%2
98%1
IDEngageradAnvändareFältFörändraAnmärkningarAccepteradAnledningC
1076462021/12/2020VulD...person_nameCisco.securityfocus.com21/12/2020accepterad
70
1076461921/12/2020VulD...cvss2_nvd_basescore5.0nist.gov21/12/2020accepterad
90
1076461821/12/2020VulD...sectracker1038331cve.mitre.org21/12/2020accepterad
70
665383019/09/2020VulD...securityfocus_classFailure to Handle Exceptional Conditionssecurityfocus.com19/09/2020accepterad
100
665382919/09/2020VulD...securityfocus_date1492560000 (19/04/2017)securityfocus.com19/09/2020accepterad
100
665382719/09/2020VulD...osvdb_titleCVE-2017-6613 - Cisco - Prime Network Registrar - Denial of Service Issue19/09/2020accepterad
100
665381919/09/2020VulD...confirm_urlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-prime-dnstools.cisco.com19/09/2020accepterad
100
665381819/09/2020VulD...company_nameCisco19/09/2020accepterad
100
665377619/09/2020VulD...discoverydate149256000019/09/2020accepterad
100
665383921/04/2017VulD...cvss3_nvd_basescore5.8nist.gov21/04/2017accepterad
90
665383821/04/2017VulD...0day_days121/04/2017accepterad
90
665383721/04/2017VulD...cvss3_vuldb_rcCsee CVSS documentation21/04/2017accepterad
90
665383621/04/2017VulD...cvss3_vuldb_rlOsee CVSS documentation21/04/2017accepterad
90
665383521/04/2017VulD...cvss3_vuldb_eXsee CVSS documentation21/04/2017accepterad
90
665383421/04/2017VulD...cvss2_vuldb_rcCsee CVSS documentation21/04/2017accepterad
90
665383321/04/2017VulD...cvss2_vuldb_rlOFsee CVSS documentation21/04/2017accepterad
90
665383221/04/2017VulD...cvss2_vuldb_eNDsee CVSS documentation21/04/2017accepterad
90
665383121/04/2017VulD...securityfocus_titleCisco Prime Network Registrar CVE-2017-6613 Denial of Service Vulnerabilitysecurityfocus.com21/04/2017accepterad
100
665382821/04/2017VulD...securityfocus97924securityfocus.com21/04/2017accepterad
100
665382621/04/2017VulD...cve_nvd_summaryA vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412.cve.org21/04/2017accepterad
100

51 fler poster visas inte

Interested in the pricing of exploits?

See the underground prices here!