PT-2007-3677 · Enterasys · Enterasys Netsight Console+1

Published

2007-04-27

Updated

2011-03-08

CVE-2007-2344

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Enterasys NetSight Console versions 2.1 and earlier Enterasys NetSight Inventory Manager versions 2.1 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This is achieved by sending a UDP packet with an invalid packet type field.

Recommendations For Enterasys NetSight Console version 2.1 and earlier, consider restricting access to the BOOTPD component until a fix is available. For Enterasys NetSight Inventory Manager version 2.1 and earlier, consider restricting access to the BOOTPD component until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2344

Affected Products

Enterasys Netsight Console

Enterasys Netsight Inventory Manager

PT-2007-3677 · Enterasys · Enterasys Netsight Console+1

CVE-2007-2344

Related Identifiers

Affected Products

References · 7