CVE-2007-5242 (GCVE-0-2007-5242)
Vulnerability from cvelistv5
Published
2007-10-06 16:00
Modified
2024-08-07 15:24
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment."
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:24:42.357Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25939",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25939"
          },
          {
            "name": "37813",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37813"
          },
          {
            "name": "27084",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27084"
          },
          {
            "name": "[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.openvms.org:8100/Lists/alerts/Message/583.html"
          },
          {
            "name": "ADV-2007-3382",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3382"
          },
          {
            "name": "37812",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37812"
          },
          {
            "name": "[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.openvms.org:8100/Lists/alerts/Message/582.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an \"oversize\" packet, which is not properly discarded if \"the device has no remaining buffers after receipt of the first buffer segment.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25939",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25939"
        },
        {
          "name": "37813",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37813"
        },
        {
          "name": "27084",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27084"
        },
        {
          "name": "[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.openvms.org:8100/Lists/alerts/Message/583.html"
        },
        {
          "name": "ADV-2007-3382",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3382"
        },
        {
          "name": "37812",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37812"
        },
        {
          "name": "[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.openvms.org:8100/Lists/alerts/Message/582.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5242",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an \"oversize\" packet, which is not properly discarded if \"the device has no remaining buffers after receipt of the first buffer segment.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25939",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25939"
            },
            {
              "name": "37813",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37813"
            },
            {
              "name": "27084",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27084"
            },
            {
              "name": "[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release",
              "refsource": "MLIST",
              "url": "http://mail.openvms.org:8100/Lists/alerts/Message/583.html"
            },
            {
              "name": "ADV-2007-3382",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3382"
            },
            {
              "name": "37812",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37812"
            },
            {
              "name": "[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release",
              "refsource": "MLIST",
              "url": "http://mail.openvms.org:8100/Lists/alerts/Message/582.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5242",
    "datePublished": "2007-10-06T16:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-07T15:24:42.357Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5242\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-10-06T16:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an \\\"oversize\\\" packet, which is not properly discarded if \\\"the device has no remaining buffers after receipt of the first buffer segment.\\\"\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en (1) SYS$EI1000.EXE y (2) SYS$EI1000_MON.EXE en HP OpenVMS 8.3 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de maquina) a trav\u00e9s de un paquete \\\"sobredimensionado\\\", el cual no es descartado adecuadamente si \\\"el dispositivo no tiene b\u00fafers restantes despu\u00e9s de recibir el primer segmento de b\u00fafer\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:openvms:*:*:alpha:*:*:*:*:*\",\"versionEndIncluding\":\"8.3\",\"matchCriteriaId\":\"5B52F550-E41B-4719-87BA-6390CB405066\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:openvms:*:*:integrity:*:*:*:*:*\",\"versionEndIncluding\":\"8.3\",\"matchCriteriaId\":\"6BEF6245-473B-4C57-8C76-0D0383774565\"}]}]}],\"references\":[{\"url\":\"http://mail.openvms.org:8100/Lists/alerts/Message/582.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://mail.openvms.org:8100/Lists/alerts/Message/583.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/37812\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/37813\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27084\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/25939\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3382\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mail.openvms.org:8100/Lists/alerts/Message/582.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://mail.openvms.org:8100/Lists/alerts/Message/583.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/37812\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/37813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/25939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.