XFree86 X11r6 3.3.5/3.3.6/4.0 TCP Packet counter denial of service
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.7 | $0-$5k | 0.00 |
Summary
A vulnerability was found in XFree86 X11r6 3.3.5/3.3.6/4.0. It has been classified as problematic. This affects an unknown function of the component TCP Packet Handler. Performing a manipulation of the argument counter with the input -1 results in denial of service.
This vulnerability was named CVE-2000-0453. The attack may be initiated remotely. In addition, an exploit is available.
It is suggested to use restrictive firewalling.
Details
A vulnerability, which was classified as problematic, was found in XFree86 X11r6 3.3.5/3.3.6/4.0. This affects an unknown code block of the component TCP Packet Handler. The manipulation of the argument counter with the input value -1 leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The summary by CVE is:
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
The weakness was presented 05/18/2000 by Chris Evans as not defined posting (Bugtraq). The advisory is shared at archives.neohapsis.com. This vulnerability is uniquely identified as CVE-2000-0453. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details and a public exploit are known. MITRE ATT&CK project uses the attack technique T1499 for this issue.
The exploit is shared for download at exploit-db.com. It is declared as proof-of-concept.
It is possible to mitigate the weakness by firewalling tcp/6000.
The vulnerability is also documented in the databases at Exploit-DB (19950) and SecurityFocus (BID 1235†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.7
VulDB Base Score: 5.3
VulDB Temp Score: 4.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: FirewallStatus: 🔍
0-Day Time: 🔍
Firewalling: 🔍
Timeline
05/18/2000 🔍05/18/2000 🔍
05/18/2000 🔍
06/24/2014 🔍
11/15/2024 🔍
Sources
Advisory: archives.neohapsis.comResearcher: Chris Evans
Status: Not defined
CVE: CVE-2000-0453 (🔍)
GCVE (CVE): GCVE-0-2000-0453
GCVE (VulDB): GCVE-100-15573
SecurityFocus: 1235 - XFree86 Xserver Denial of Service Vulnerability
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 06/24/2014 17:54Updated: 11/15/2024 03:42
Changes: 06/24/2014 17:54 (51), 04/13/2017 12:26 (6), 11/15/2024 03:42 (22)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.