Executive Summary
Summary | |
---|---|
Title | Wibu-Systems CodeMeter remote denial of service vulnerability |
Informations | |||
---|---|---|---|
Name | VU#659515 | First vendor Publication | 2012-01-12 |
Vendor | VU-CERT | Last vendor Modification | 2012-01-16 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#659515Wibu-Systems CodeMeter remote denial of service vulnerabilityOverviewWibu-Systems CodeMeter contains a remote denial of service vulnerability when receiving specially crafted packets.I. DescriptionWibu-Systems CodeMeter v4.30c and v4.10b contain a remote denial of service vulnerability when receiving specially crafted packets. Wibu-Systems CodeMeter listens on TCP/22350 for incoming connections. An attacker can send a specially crafted packet causing CodeMeter.exe to crash.II. ImpactA remote, unauthenticated attacker could cause the Wibu-Systems CodeMeter application to crash creating a denial-of-service condition.III. SolutionApply an Update
Referenceshttp://www.wibu.com/en/anwendersoftware.html CreditThanks to Kuang-Chun Hung of Information and Communication Security Technology Center for reporting this vulnerability. This document was written by Michael Orlando. Other Information
This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify |
Original Source
Url : http://www.kb.cert.org/vuls/id/659515 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2012-01-19 | Name : Wibu-Systems CodeMeter Runtime TCP Packets Denial of Service Vulnerability File : nvt/gb_wibu_systems_codemeter_tcp_packets_dos_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78223 | CodeMeter TCP Packet Parsing Unspecified Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-02-02 | Name : A web application on the remote host is affected by a denial of service vulne... File : codemeter_webadmin_4_40.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:08:04 |
|