CVE Vulnerabilities

CVE-2007-0228

Published: Jan 13, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference.

Affected Software

Name Vendor Start Version End Version
Enterprise_security_analyzer Eiqnetworks 2.0 (including) 2.0 (including)
Enterprise_security_analyzer Eiqnetworks 2.1 (including) 2.1 (including)
Enterprise_security_analyzer Eiqnetworks 2.5 (including) 2.5 (including)

References