Details of VAR-200706-0180

ID

VAR-200706-0180

CVE

CVE-2007-3253

TITLE

ASG Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002196

DESCRIPTION

Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session. Astaro Security Gateway (ASG) There is a service disruption (DoS) Vulnerabilities exist.Service disruption by a third party via: (DoS) There is a possibility that. Astaro Up2Date is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to cause the application to stop responding, denying further service to legitimate users. This issue affects versions prior to Astaro Up2Date 7.005. Multiple unidentified vulnerabilities exist in Astaro Security Gateway (ASG)

Trust: 1.98

sources: NVD: CVE-2007-3253 // JVNDB: JVNDB-2007-002196 // BID: 24492 // VULHUB: VHN-26615

AFFECTED PRODUCTS

vendor:	astaro	model:	security gateway	scope:	eq	version:	7.0	Trust: 1.6
vendor:	astaro	model:	security gateway	scope:	lt	version:	7.005	Trust: 0.8
vendor:	astaro	model:	up2date	scope:	eq	version:	7.004	Trust: 0.3
vendor:	astaro	model:	up2date	scope:	eq	version:	7.003	Trust: 0.3
vendor:	astaro	model:	up2date	scope:	eq	version:	7.002	Trust: 0.3
vendor:	astaro	model:	up2date	scope:	eq	version:	7.001	Trust: 0.3
vendor:	astaro	model:	up2date	scope:	eq	version:	7.000	Trust: 0.3
vendor:	astaro	model:	up2date	scope:	ne	version:	7.005	Trust: 0.3

sources: BID: 24492 // JVNDB: JVNDB-2007-002196 // CNNVD: CNNVD-200706-277 // NVD: CVE-2007-3253

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-3253
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-3253
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200706-277
value:	HIGH
Trust: 0.6
VULHUB:	VHN-26615
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-3253
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-26615
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-26615 // JVNDB: JVNDB-2007-002196 // CNNVD: CNNVD-200706-277 // NVD: CVE-2007-3253

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3253

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200706-277

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200706-277

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002196

PATCH

title:

Top Page

url:

http://www.astaro.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-002196

EXTERNAL IDS

db:	NVD	id:	CVE-2007-3253	Trust: 2.8
db:	BID	id:	24492	Trust: 2.0
db:	OSVDB	id:	37345	Trust: 1.7
db:	OSVDB	id:	37346	Trust: 1.7
db:	VUPEN	id:	ADV-2007-2220	Trust: 1.7
db:	SECUNIA	id:	25694	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-002196	Trust: 0.8
db:	XF	id:	34882	Trust: 0.6
db:	XF	id:	34884	Trust: 0.6
db:	CNNVD	id:	CNNVD-200706-277	Trust: 0.6
db:	VULHUB	id:	VHN-26615	Trust: 0.1

sources: VULHUB: VHN-26615 // BID: 24492 // JVNDB: JVNDB-2007-002196 // CNNVD: CNNVD-200706-277 // NVD: CVE-2007-3253

REFERENCES

url:	http://www.securityfocus.com/bid/24492	Trust: 1.7
url:	http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html	Trust: 1.7
url:	http://osvdb.org/37345	Trust: 1.7
url:	http://osvdb.org/37346	Trust: 1.7
url:	http://secunia.com/advisories/25694	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/2220	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/34884	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/34882	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3253	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3253	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/2220	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/34884	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/34882	Trust: 0.6
url:	http://www.astaro.com/	Trust: 0.3
url:	http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html#more	Trust: 0.3

sources: VULHUB: VHN-26615 // BID: 24492 // JVNDB: JVNDB-2007-002196 // CNNVD: CNNVD-200706-277 // NVD: CVE-2007-3253

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 24492

SOURCES

db:	VULHUB	id:	VHN-26615
db:	BID	id:	24492
db:	JVNDB	id:	JVNDB-2007-002196
db:	CNNVD	id:	CNNVD-200706-277
db:	NVD	id:	CVE-2007-3253

LAST UPDATE DATE

2024-08-14T15:45:25.689000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-26615	date:	2017-07-29T00:00:00
db:	BID	id:	24492	date:	2015-05-07T17:37:00
db:	JVNDB	id:	JVNDB-2007-002196	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200706-277	date:	2007-06-18T00:00:00
db:	NVD	id:	CVE-2007-3253	date:	2017-07-29T01:32:06.957

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-26615	date:	2007-06-18T00:00:00
db:	BID	id:	24492	date:	2007-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2007-002196	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200706-277	date:	2007-06-18T00:00:00
db:	NVD	id:	CVE-2007-3253	date:	2007-06-18T10:30:00