CVE-2007-1327

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-1327
The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://marc.info/?l=full-disclosure&m=117320823618036&w=2 Third Party Advisory
http://osvdb.org/33887 Broken Link
http://secunia.com/advisories/24426 Permissions Required
http://secunia.com/advisories/24431 Permissions Required
http://security.gentoo.org/glsa/glsa-200703-12.xml Third Party Advisory
http://www.securityfocus.com/bid/22846 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32846
http://marc.info/?l=full-disclosure&m=117320823618036&w=2 Third Party Advisory
http://osvdb.org/33887 Broken Link
http://secunia.com/advisories/24426 Permissions Required
http://secunia.com/advisories/24431 Permissions Required
http://security.gentoo.org/glsa/glsa-200703-12.xml Third Party Advisory
http://www.securityfocus.com/bid/22846 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32846
Configurations

Configuration 1 (hide)

cpe:2.3:a:silc:silc-server:1.0.2:*:*:*:*:*:*:*
History

21 Nov 2024, 00:28

Type Values Removed Values Added
References () http://marc.info/?l=full-disclosure&m=117320823618036&w=2 - Third Party Advisory () http://marc.info/?l=full-disclosure&m=117320823618036&w=2 - Third Party Advisory
References () http://osvdb.org/33887 - Broken Link () http://osvdb.org/33887 - Broken Link
References () http://secunia.com/advisories/24426 - Permissions Required () http://secunia.com/advisories/24426 - Permissions Required
References () http://secunia.com/advisories/24431 - Permissions Required () http://secunia.com/advisories/24431 - Permissions Required
References () http://security.gentoo.org/glsa/glsa-200703-12.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-200703-12.xml - Third Party Advisory
References () http://www.securityfocus.com/bid/22846 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/22846 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/32846 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/32846 -
Information

Published : 2007-03-07 21:19

Updated : 2025-04-09 00:30

NVD link : CVE-2007-1327

Mitre link : CVE-2007-1327

CVE.ORG link : CVE-2007-1327

JSON object : View

Products Affected

silc

  • silc-server
CWE
CWE-476

NULL Pointer Dereference