CVE-2004-1680

Опубликовано: 13 сент. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.

Ссылки

http://secunia.com/advisories/12523
Exploit
Patch
Vendor Advisory
http://www.atstake.com/research/advisories/2004/a091304-2.txt
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11161
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17346
http://secunia.com/advisories/12523
Exploit
Patch
Vendor Advisory
http://www.atstake.com/research/advisories/2004/a091304-2.txt
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11161
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17346

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:1.2.8:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:2.0:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:2.0.1:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:2.1.11.24:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.00998

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4wpr-qcp7-qmrj

github

почти 4 года назад