CVE-2005-4275 — HIGH (7.8) — White Hats Nepal

Vulnerability Description

Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD), as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Scientific Atlanta	Dpx2100 Cable Modem	All versions

References

http://www.securityfocus.com/bid/15870Exploit
http://www.securityfocus.com/bid/15870Exploit

FAQ

What is CVE-2005-4275?

CVE-2005-4275 is a vulnerability with a CVSS score of 7.8 (HIGH). Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag se...

How severe is CVE-2005-4275?

CVE-2005-4275 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-4275?

Check the references section above for vendor advisories and patch information. Affected products include: Scientific Atlanta Dpx2100 Cable Modem.