ID

VAR-199908-0059


CVE

CVE-1999-1515


TITLE

TFS Gateway 4.0 Denial of Service Vulnerability

Trust: 0.9

sources: BID: 613 // CNNVD: CNNVD-199908-060

DESCRIPTION

A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuously try to return the message every 10 seconds. TFS Gateway 4.0, when configured in a specific non-default manner, is vulnerable to a remotely exploitable denial of service attack. If enough emails of sufficient size of this nature are sent it can lead to a degradation or denial of service. Vulnerabilities exist in non-default configurations in TenFour TFS Gateway version 4.0. The vulnerability caused the gateway to keep trying to return information every 10 seconds

Trust: 1.26

sources: NVD: CVE-1999-1515 // BID: 613 // VULHUB: VHN-1496

AFFECTED PRODUCTS

vendor:tenfourmodel:tfs gatewayscope:eqversion:4.0

Trust: 1.6

vendor:tfsmodel:gatewayscope:eqversion:4.0

Trust: 0.3

vendor:tfsmodel:gateway buildscope:neversion:4.0219

Trust: 0.3

sources: BID: 613 // CNNVD: CNNVD-199908-060 // NVD: CVE-1999-1515

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1515
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-199908-060
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1496
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-1515
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1496
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1496 // CNNVD: CNNVD-199908-060 // NVD: CVE-1999-1515

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1515

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199908-060

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199908-060

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1496

EXTERNAL IDS

db:NVDid:CVE-1999-1515

Trust: 2.0

db:BIDid:613

Trust: 2.0

db:CNNVDid:CNNVD-199908-060

Trust: 0.7

db:XFid:3290

Trust: 0.6

db:EXPLOIT-DBid:19477

Trust: 0.1

db:VULHUBid:VHN-1496

Trust: 0.1

sources: VULHUB: VHN-1496 // BID: 613 // CNNVD: CNNVD-199908-060 // NVD: CVE-1999-1515

REFERENCES

url:http://www.securityfocus.com/bid/613

Trust: 2.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/3290

Trust: 2.1

url:http://xforce.iss.net/static/3290.php

Trust: 0.6

url:http://www.tenfour.se

Trust: 0.3

sources: VULHUB: VHN-1496 // BID: 613 // CNNVD: CNNVD-199908-060 // NVD: CVE-1999-1515

CREDITS

The credit for this vulnerability being exposed goes to "FableMan / Noxidus / #HACK on IRC-Net". The information was emailed to Security Focus on August 30, 1999.

Trust: 0.9

sources: BID: 613 // CNNVD: CNNVD-199908-060

SOURCES

db:VULHUBid:VHN-1496
db:BIDid:613
db:CNNVDid:CNNVD-199908-060
db:NVDid:CVE-1999-1515

LAST UPDATE DATE

2024-11-22T22:57:23.682000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1496date:2017-12-19T00:00:00
db:BIDid:613date:2009-07-11T00:56:00
db:CNNVDid:CNNVD-199908-060date:2006-09-05T00:00:00
db:NVDid:CVE-1999-1515date:2024-11-20T23:31:18.010

SOURCES RELEASE DATE

db:VULHUBid:VHN-1496date:1999-08-31T00:00:00
db:BIDid:613date:1999-08-31T00:00:00
db:CNNVDid:CNNVD-199908-060date:1999-08-31T00:00:00
db:NVDid:CVE-1999-1515date:1999-08-31T04:00:00