Sign-up

ID

VAR-200603-0490


CVE

CVE-2006-0960


TITLE

Compex NetPassage WPE54G uConfig Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2006-1213 // CNNVD: CNNVD-200603-011

DESCRIPTION

uConfig agent in Compex NetPassage WPE54G router allows remote attackers to cause a denial of service (unresposiveness) via crafted datagrams to UDP port 7778. NetPassage WPE54G is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the device to properly handle user-supplied input. An attacker can exploit this issue to crash the affected device, effectively denying service to legitimate users. TITLE: Compex NetPassage WPE54G Denial of Service Vulnerability SECUNIA ADVISORY ID: SA19037 VERIFY ADVISORY: http://secunia.com/advisories/19037/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network SOFTWARE: Compex NetPassage WPE54G http://secunia.com/product/8471/ DESCRIPTION: /dev/0id has reported a vulnerability Compex NetPassage WPE54G, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the uConfig agent within the handling of certain UDP datagrams. SOLUTION: Use of the network device on trusted networks only. PROVIDED AND/OR DISCOVERED BY: /dev/0id, Ukr Security Team. ORIGINAL ADVISORY: http://www.security.nnov.ru/Ldocument605.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.8

sources: NVD: CVE-2006-0960 // CNVD: CNVD-2006-1213 // BID: 16894 // PACKETSTORM: 44244

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-1213

AFFECTED PRODUCTS

vendor:compexmodel:netpassage wpe54gscope:eqversion:*

Trust: 1.0

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:compexmodel:netpassage wpe54gscope: - version: -

Trust: 0.6

vendor:compexmodel:netpassage wpe54gscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2006-1213 // BID: 16894 // CNNVD: CNNVD-200603-011 // NVD: CVE-2006-0960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-0960
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2006-1213
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-200603-011
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2006-0960
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2006-1213
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2006-1213 // CNNVD: CNNVD-200603-011 // NVD: CVE-2006-0960

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-0960

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200603-011

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200603-011

EXTERNAL IDS

db:BIDid:16894

Trust: 2.5

db:NVDid:CVE-2006-0960

Trust: 2.2

db:SECUNIAid:19037

Trust: 1.7

db:SECTRACKid:1015690

Trust: 1.6

db:VUPENid:ADV-2006-0780

Trust: 1.6

db:CNVDid:CNVD-2006-1213

Trust: 0.6

db:XFid:24968

Trust: 0.6

db:CNNVDid:CNNVD-200603-011

Trust: 0.6

db:PACKETSTORMid:44244

Trust: 0.1

sources: CNVD: CNVD-2006-1213 // BID: 16894 // PACKETSTORM: 44244 // CNNVD: CNNVD-200603-011 // NVD: CVE-2006-0960

REFERENCES

url:http://www.securityfocus.com/bid/16894

Trust: 2.2

url:http://www.security.nnov.ru/ldocument605.html

Trust: 2.0

url:http://securitytracker.com/id?1015690

Trust: 1.6

url:http://secunia.com/advisories/19037

Trust: 1.6

url:http://www.vupen.com/english/advisories/2006/0780

Trust: 1.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/24968

Trust: 1.0

url:http://www.frsirt.com/english/advisories/2006/0780

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/24968

Trust: 0.6

url:http://www.compex.com.sg/home/products1.asp?20050906310021

Trust: 0.3

url:http://www.compex.com.sg/home/index.asp

Trust: 0.3

url:http://secunia.com/advisories/19037/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/8471/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2006-1213 // BID: 16894 // PACKETSTORM: 44244 // CNNVD: CNNVD-200603-011 // NVD: CVE-2006-0960

CREDITS

/dev/0id is credited with the discovery of this vulnerability.

Trust: 0.9

sources: BID: 16894 // CNNVD: CNNVD-200603-011

SOURCES

db:CNVDid:CNVD-2006-1213
db:BIDid:16894
db:PACKETSTORMid:44244
db:CNNVDid:CNNVD-200603-011
db:NVDid:CVE-2006-0960

LAST UPDATE DATE

2024-08-14T15:45:35.858000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2006-1213date:2006-03-02T00:00:00
db:BIDid:16894date:2006-03-05T01:06:00
db:CNNVDid:CNNVD-200603-011date:2006-03-03T00:00:00
db:NVDid:CVE-2006-0960date:2017-07-20T01:30:12.237

SOURCES RELEASE DATE

db:CNVDid:CNVD-2006-1213date:2006-03-02T00:00:00
db:BIDid:16894date:2006-03-01T00:00:00
db:PACKETSTORMid:44244date:2006-03-02T08:30:58
db:CNNVDid:CNNVD-200603-011date:2006-03-02T00:00:00
db:NVDid:CVE-2006-0960date:2006-03-02T23:02:00