CVE-2008-0767

Published: 13/02/2008 Updated: 15/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and previous versions does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote malicious users to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.

Vulnerable Product	Search on Vulmon	Subscribe to Product
extremez-ip file server
extremez print server

source: wwwsecurityfocuscom/bid/27718/info ExtremeZ-IP File and Print servers are prone to multiple vulnerabilities including denial-of-service and information-disclosure issues Attackers can exploit these issues to cause denial-of-service conditions or to obtain potentially sensitive information These issues affect versions prior to ...

CWE-189 http://aluigi.altervista.org/adv/ezipirla-adv.txt http://aluigi.org/poc/ezipirla.zip http://secunia.com/advisories/28862 http://www.grouplogic.com/files/ez/hot/hotFix51.cfm http://www.securityfocus.com/bid/27718 http://www.vupen.com/english/advisories/2008/0485 http://www.securityfocus.com/archive/1/487952/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/31132/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0767

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect