|
Family: Denial of Service --> Category: denial
Zebedee Target Port 0 Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for target port 0 denial of service vulnerability in Zebedee
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote host contains a IP tunnelling programming that is prone to
denial of service attacks.
Description :
The remote host is running Zebedee, an open-source IP tunneling
program for Linux, unix, and Windows.
The version of Zebedee installed on the remote host is prone to denial
of service attacks. Specifically, the server will crash if it
receives a request for a connection with a destination port of 0. By
exploiting this flaw, a possible hacker could cause the affected application
to fail to respond to further requests.
See also :
http://www.securityfocus.com/archive/1/410157/30/0/threaded
http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055
Solution :
Upgrade to Zebedee 2.4.1A / 2.5.3 or later.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:A)
Click HERE for more information and discussions on this network vulnerability scan.
|