Executive Summary
| Summary | |
|---|---|
| Title | CIPE DoS attack |
| Informations | |||
|---|---|---|---|
| Name | DSA-104 | First vendor Publication | 2002-01-14 |
| Vendor | Debian | Last vendor Modification | 2002-01-14 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Larry McVoy found a bug in the packet handling code for the CIPE VPN package: it did not check if a received packet was too short and could crash. This has been fixed in version 1.3.0-3, and we recommend that you upgrade your cipe packages immediately. Please note that the package only contains the needed kernel patch, you will have to build the kernel modules for your kernel with the updated source from the cipe-source package. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato |
Original Source
| Url : http://www.debian.org/security/2002/dsa-104 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 104-1 (cipe) File : nvt/deb_104_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5393 | CIPE VPN Short Malformed Packet DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-104.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:25:42 |
|
