Vulnerability CVE-2001-1435

Vulnerability Name:

CVE-2001-1435 (CCN-6157)

Assigned:

2001-02-23

Published:

2001-02-23

Updated:

2017-07-11

Summary:

inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: Compaq Security Advisory SSRT0708U
Potential denial of Service in inetd Tru64 V5.1 Only

Source: MITRE
Type: CNA
CVE-2001-1435

Source: CCN
Type: Compaq Support Web site
Welcome to Compaq support

Source: CCN
Type: US-CERT VU#880624
Compaq Tru64 Unix inetd vulnerable to DoS

Source: CERT-VN
Type: US Government Resource
VU#880624

Source: CCN
Type: OSVDB ID: 18175
Compaq Tru64 UNIX inetd Service Termination Network Connection DoS

Source: COMPAQ
Type: UNKNOWN
SSRT0708U

Source: XF
Type: UNKNOWN
tru64-inetd-dos(6157)

Source: XF
Type: UNKNOWN
tru64-inetd-dos(6157)

Vulnerable Configuration:

Configuration 1:

cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK