Details of VAR-200409-0006

ID

VAR-200409-0006

CVE

CVE-2004-0830

TITLE

F-Secure Internet Gatekeeper Content Scan Server Remote Denial of Service Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200409-018

DESCRIPTION

The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet. F-Secure Content Scanner Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application handles certain malformed packets. This vulnerability causes an unhandled exception in the process leading to a crash in the process. F-Secure Internet Gatekeeper can perform automatic virus and content filtering on EMAIL and WEB communications. According to the configuration options, a dialog box will be prompted on the desktop stating that the FSAVSD.EXE process has crashed

Trust: 1.26

sources: NVD: CVE-2004-0830 // BID: 11145 // VULHUB: VHN-9260

AFFECTED PRODUCTS

vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.32	Trust: 1.9
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.31	Trust: 1.9
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.3	Trust: 1.9
vendor:	f secure	model:	f-secure content scanner server	scope:	eq	version:	6.31	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	6.21	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	6.2	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	6.01	Trust: 1.6
vendor:	f secure	model:	content scanner server	scope:	eq	version:	6.31	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.21	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.2	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.01	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	ne	version:	6.400	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	ne	version:	6.30	Trust: 0.3

sources: BID: 11145 // CNNVD: CNNVD-200409-018 // NVD: CVE-2004-0830

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0830
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200409-018
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9260
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-0830
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9260
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9260 // CNNVD: CNNVD-200409-018 // NVD: CVE-2004-0830

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0830

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200409-018

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200409-018

EXTERNAL IDS

db:	NVD	id:	CVE-2004-0830	Trust: 2.0
db:	BID	id:	11145	Trust: 2.0
db:	CNNVD	id:	CNNVD-200409-018	Trust: 0.7
db:	IDEFENSE	id:	20040909 F-SECURE INTERNET GATEKEEPER CONTENT SCANNING SERVER DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	BUGTRAQ	id:	20040910 F-SECURE INTERNET GATEKEEPER CONTENT SCANNING SERVER DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	XF	id:	17307	Trust: 0.6
db:	VULHUB	id:	VHN-9260	Trust: 0.1

sources: VULHUB: VHN-9260 // BID: 11145 // CNNVD: CNNVD-200409-018 // NVD: CVE-2004-0830

REFERENCES

url:	http://www.f-secure.com/security/fsc-2004-2.shtml	Trust: 2.0
url:	http://www.securityfocus.com/bid/11145	Trust: 1.7
url:	http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/17307	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=109483205925698&w=2	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/17307	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=109483205925698&w=2	Trust: 0.6
url:	http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities&flashstatus=true	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=109483205925698&w=2	Trust: 0.1
url:	http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities	Trust: 0.1

sources: VULHUB: VHN-9260 // BID: 11145 // CNNVD: CNNVD-200409-018 // NVD: CVE-2004-0830

CREDITS

iDEFENSE Security Advisory※ labs@idefense.com

Trust: 0.6

sources: CNNVD: CNNVD-200409-018

SOURCES

db:	VULHUB	id:	VHN-9260
db:	BID	id:	11145
db:	CNNVD	id:	CNNVD-200409-018
db:	NVD	id:	CVE-2004-0830

LAST UPDATE DATE

2024-08-14T15:31:12.775000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9260	date:	2017-07-11T00:00:00
db:	BID	id:	11145	date:	2009-07-12T07:06:00
db:	CNNVD	id:	CNNVD-200409-018	date:	2006-08-16T00:00:00
db:	NVD	id:	CVE-2004-0830	date:	2017-07-11T01:30:30.857

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9260	date:	2004-09-09T00:00:00
db:	BID	id:	11145	date:	2004-09-09T00:00:00
db:	CNNVD	id:	CNNVD-200409-018	date:	2004-09-09T00:00:00
db:	NVD	id:	CVE-2004-0830	date:	2004-09-09T04:00:00