CVE-2007-5242 - Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and ear

CVE-2007-5242

Summary

Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment."

References

Vulnerable Configurations

cpe:2.3:o:hp:openvms:*:*:alpha:*:*:*:*:*
cpe:2.3:o:hp:openvms:*:*:alpha:*:*:*:*:*
cpe:2.3:o:hp:openvms:*:*:integrity:*:*:*:*:*
cpe:2.3:o:hp:openvms:*:*:integrity:*:*:*:*:*

CVSS

Base:	4.3 (as of 08-03-2011 - 03:00)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

bid	25939
mlist	[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release [openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release
osvdb	37812 37813
secunia	27084
vupen	ADV-2007-3382

Last major update

08-03-2011 - 03:00

Published

06-10-2007 - 16:17

Last modified

08-03-2011 - 03:00