PT-2014-7861 · Internet Initiative Japan · Seil/B1+3
Published
2014-12-05
·
Updated
2020-07-31
·
CVE-2014-7255
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 versions 2.50 through 4.62
Internet Initiative Japan Inc. SEIL Series routers SEIL/X2 versions 2.50 through 4.62
Internet Initiative Japan Inc. SEIL Series routers SEIL/B1 versions 2.50 through 4.62
Internet Initiative Japan Inc. SEIL Series routers SEIL/x86 Fuji versions 1.70 through 3.22
Description
The issue allows remote attackers to cause a denial of service, consuming CPU and traffic by sending a large number of NTP requests within a short time. This results in unnecessary NTP responses being sent.
Recommendations
For SEIL/X1 versions 2.50 through 4.62, consider restricting NTP requests to prevent excessive CPU and traffic consumption.
For SEIL/X2 versions 2.50 through 4.62, consider restricting NTP requests to prevent excessive CPU and traffic consumption.
For SEIL/B1 versions 2.50 through 4.62, consider restricting NTP requests to prevent excessive CPU and traffic consumption.
For SEIL/x86 Fuji versions 1.70 through 3.22, consider restricting NTP requests to prevent excessive CPU and traffic consumption.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Seil/B1
Seil/X1
Seil/X2
Seil/X86 Fuji