Published: 19/12/2017 Updated: 04/01/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The Enterprise version of SyncBreeze 10.2.12 and previous versions is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a Denial of Service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
flexense syncbreeze

============================================= MGC ALERT 2017-007 - Original release date: November 30, 2017 - Last revised: December 14, 2017 - Discovered by: Manuel García Cárdenas - Severity: 7,5/10 (CVSS Base Score) - CVE-ID: CVE-2017-17088 ============================================= I VULNERABILITY ------------------------- SyncBreeze &l ...

Sync Breeze version 10212 suffers from a denial of service vulnerability ...

CWE-119 http://seclists.org/fulldisclosure/2017/Dec/45 http://packetstormsecurity.com/files/145435/Sync-Breeze-10.2.12-Denial-Of-Service.html https://www.exploit-db.com/exploits/43344/https://nvd.nist.gov https://www.exploit-db.com/exploits/43344/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-17088

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect