CVE-2002-1912 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Skystream	Emr5000	1.16

Related Weaknesses (CWE)

CWE-476

References

http://www.globalintersec.com/adv/skystream-2002021001.txtBroken LinkExploitPatch
http://www.iss.net/security_center/static/10380.phpBroken Link
http://www.securityfocus.com/archive/1/295516Broken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/5977Broken LinkThird Party AdvisoryVDB Entry
http://www.globalintersec.com/adv/skystream-2002021001.txtBroken LinkExploitPatch
http://www.iss.net/security_center/static/10380.phpBroken Link
http://www.securityfocus.com/archive/1/295516Broken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/5977Broken LinkThird Party AdvisoryVDB Entry

FAQ

What is CVE-2002-1912?

CVE-2002-1912 is a vulnerability with a CVSS score of 7.5 (HIGH). SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exceptio...

How severe is CVE-2002-1912?

CVE-2002-1912 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-1912?

Check the references section above for vendor advisories and patch information. Affected products include: Skystream Emr5000.