exploitDog

CVE-1999-1389

Опубликовано: 11 мая 1998

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.

Ссылки

http://marc.info/?l=bugtraq&m=90221101925916&w=2
http://www.securityfocus.com/bid/99
Vendor Advisory
http://marc.info/?l=bugtraq&m=90221101925916&w=2
http://www.securityfocus.com/bid/99
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:3com:total_control_netserver_card:*:*:*:*:*:*:*:*

Версия до 3.7.24 (включая)

EPSS

Процентиль: 63%

0.00467

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5jm7-hvq6-jjvh

github

около 3 лет назад

US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.

EPSS

Процентиль: 63%

0.00467

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other