CVE-2013-7314

Sažetak

The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Reference

http://jpn.nec.com/security-info/secinfo/nv13-006.html
http://jpn.nec.com/univerge/ix/Support/CERT/VU229804.html
http://www.kb.cert.org/vuls/id/229804
http://www.kb.cert.org/vuls/id/BLUU-985QUQ

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-01-2014 - 19:54

Objavljeno

23-01-2014 - 17:55