Vulnerability Details : CVE-2006-2078
Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite.
Vulnerability category: Denial of service
Products affected by CVE-2006-2078
- cpe:2.3:h:furukawa_electric:fitelnet:f100:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:f1000:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:f120:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:f3000:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:e20:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:e30:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:f40:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:fitelnet:f80:*:*:*:*:*:*:*
- cpe:2.3:h:furukawa_electric:mucho-ev_pk:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-2078
5.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-2078
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2006-2078
-
http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
Patch;Vendor Advisory
-
http://www.furukawa.co.jp/fitelnet/topic/dns2_attacks.html
-
http://www.vupen.com/english/advisories/2006/1505
Site en construction
-
http://www.securityfocus.com/bid/17710
Patch
-
http://www.kb.cert.org/vuls/id/955777
VU#955777 - Multiple vulnerabilities in DNS implementationsUS Government Resource
-
http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en
Patch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/26081
Multiple vendor DNS request handling issues discovered using the PROTOS DNS Test Suite CVE-2006-2240 Vulnerability Report
-
http://www.vupen.com/english/advisories/2006/1536
Jump to