Dreambox DM500 Web Server long URL kura hakki ndiyam

CVSS Meta Temp ScoreGarga na exploit ndiyam (≈)CTI Nganji Score
6.8$0-$5k0.00

Gundumabayani

Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Dreambox DM500. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen Web Server. A sa manipulation as part of long URL ka kura hakki ndiyam. Wannan matsala ana saninta da CVE-2008-3936. Ngam yiɗi ka a tuma ndiyam ka internet. Har ila yau, exploit ɗin yana nan. Ana ba da shawara a saka katangar wuta mai hana shiga sosai. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Furɗebayani

Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Dreambox DM500. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen Web Server. A sa manipulation as part of long URL ka kura hakki ndiyam. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-20. An gano matsalar a 04/28/2008. Hakika, rauni an bayyana shi 08/29/2008 daga Marc Ruef tare da scip AG (Full-Disclosure). An raba bayanin tsaro don saukewa a archives.neohapsis.com.

Wannan matsala ana saninta da CVE-2008-3936. CVE assignement 09/05/2008 nda shikena. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal faɗi ba ga. Shaharar wannan vulnerability ta fi matsakaici. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.

Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga computec.ch. 0-day shima, an ndiyam a wuro be $25k-$100k. Ana bayar da Nessus plugin mai lamba 10320 daga na'urar gano rauni. Ana gudanar da plugin ɗin a cikin irin wannan nau'i: r.

Ana ba da shawara a saka katangar wuta mai hana shiga sosai.

Wannan vulnerability an kuma samu a wasu kundin bayanan vulnerability: SecurityFocus (BID 30919), X-Force (44788), Secunia (SA31650), SecurityTracker (ID 1020784) , Tenable (10320). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Kayanbayani

Ngilabe

Sunu

CPE 2.3bayani

CPE 2.2bayani

CVSSv4bayani

VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

CVSSv3bayani

VulDB Meta Base Score: 7.5
VulDB Meta Temp Score: 6.8

VulDB Ganda Borno: 7.5
VulDB Temp Score: 6.8
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

CVSSv2bayani

AVACAuCIA
💳💳💳💳💳💳
💳💳💳💳💳💳
💳💳💳💳💳💳
VektarKumpleksitiAuthentisierungKariyandiGaskiyaGashina
furufurufurufurufurufuru
furufurufurufurufurufuru
furufurufurufurufurufuru

VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍

NVD Ganda Borno: 🔍

Gargajiyabayani

Klasu: Kura hakki ndiyam
CWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍

Fizikal: Ayi
Gumti: Ayi
Gana: Ee

Gashina: 🔍
Gada: Kàndíga
Halitta: Huɗɗi-na-gaskiya
Dawunload: 🔍

EPSS Score: 🔍
EPSS Percentile: 🔍

Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍

0-Dayfurufurufurufuru
Lalefurufurufurufuru

Nessus ID: 10320
Nessus Sunu: Web Server Long URL Handling Remote Overflow DoS
Nessus Fayil: 🔍
Nessus Kafara: 🔍
Nessus Kulu: 🔍
Nessus Context: 🔍

Bayani na barazanabayani

Ngam: 🔍
Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍

Kari gamjibayani

Garga: Firewall
Halitta: 🔍

0-Day Gana: 🔍
Lokti Delay Gawti: 🔍

Waktin layibayani

06/22/1999 🔍
04/28/2008 +3233 Hənde 🔍
08/19/2008 +113 Hənde 🔍
08/29/2008 +10 Hənde 🔍
08/29/2008 +0 Hənde 🔍
08/29/2008 +0 Hənde 🔍
08/29/2008 +0 Hənde 🔍
09/02/2008 +4 Hənde 🔍
09/05/2008 +2 Hənde 🔍
09/05/2008 +0 Hənde 🔍
03/16/2021 +4575 Hənde 🔍

Ngizimbayani

Gargaaji: archives.neohapsis.com
Ngamti: Marc Ruef
Kampani: scip AG
Halitta: A wondi feere

CVE: CVE-2008-3936 (🔍)
GCVE (CVE): GCVE-0-2008-3936
GCVE (VulDB): GCVE-100-3807
X-Force: 44788 - Dreambox DM500 Web interface denial of service, Medium Risk
SecurityFocus: 30919 - Dreambox Web Interface URI Remote Denial of Service Vulnerability
Secunia: 31650 - Dreambox DM500 Series Denial of Service and File Disclosure Vulnerabilities, Less Critical
OSVDB: 47879 - Dreambox DM500 Web Interface URL Handling Remote DoS
SecurityTracker: 1020784
Vupen: ADV-2008-2472

scip Labs: https://www.scip.ch/en/?labs.20161013
Gana kuma: 🔍

Gumtibayani

Súgá: 08/19/2008 17:26
Gargadi: 03/16/2021 18:46
Goyarwa: 08/19/2008 17:26 (80), 10/08/2018 14:55 (8), 03/16/2021 18:46 (3)
Gadankam: 🔍
Cache ID: 253:00D:103

Ganaaji

A ga wuroyo kulu. Kàlàmbe: kr + en.

Ngam loga ka, kanyi shidin dum.

GurɗoGumtiGada

Interested in the pricing of exploits?

See the underground prices here!