Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2007-3537

Published: Jul 03, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-3537
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules.

Affected Software

Name Vendor Start Version End Version
Os_400 Ibm r520 (including) r520 (including)
Os_400 Ibm v4r2m0 (including) v4r2m0 (including)
Os_400 Ibm v4r3 (including) v4r3 (including)
Os_400 Ibm v4r4 (including) v4r4 (including)
Os_400 Ibm v4r5 (including) v4r5 (including)
Os_400 Ibm v5r1 (including) v5r1 (including)
Os_400 Ibm v5r2m0 (including) v5r2m0 (including)
Os_400 Ibm v5r3m0 (including) v5r3m0 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use