Details of VAR-200806-0437

ID

VAR-200806-0437

TITLE

Icon Labs Iconfidant SSH Server Multiple Denial of Service Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2008-2838

DESCRIPTION

Iconfident SSH is an SSH server running on a VxWorks-based system. Multiple vulnerabilities exist in the Iconfidant SSH server, which may cause system instability. During an SSH login, if a login is performed in a positive time frame, or invalid authentication credentials are sent, or other management operations are performed at the same time during the login, these vulnerabilities can be triggered, resulting in a denial of service

Trust: 0.9

sources: CNVD: CNVD-2008-2838 // IVD: ef28beb0-1fd5-11e6-abef-000c29c66e3d // IVD: 7d7def41-463f-11e9-b802-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: ef28beb0-1fd5-11e6-abef-000c29c66e3d // IVD: 7d7def41-463f-11e9-b802-000c29342cb1 // CNVD: CNVD-2008-2838

AFFECTED PRODUCTS

vendor:

none

model:

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2008-2838

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD:	ef28beb0-1fd5-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
IVD:	7d7def41-463f-11e9-b802-000c29342cb1
value:	HIGH
Trust: 0.2

IVD:	ef28beb0-1fd5-11e6-abef-000c29c66e3d
severity:	NONE
baseScore:	NONE
vectorString:	NONE
accessVector:	NONE
accessComplexity:	NONE
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	UNKNOWN
Trust: 0.2
IVD:	7d7def41-463f-11e9-b802-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: ef28beb0-1fd5-11e6-abef-000c29c66e3d // IVD: 7d7def41-463f-11e9-b802-000c29342cb1

TYPE

Denial of service

Trust: 0.2

sources: IVD: ef28beb0-1fd5-11e6-abef-000c29c66e3d

EXTERNAL IDS

db:	CNVD	id:	CNVD-2008-2838	Trust: 1.0
db:	IVD	id:	EF28BEB0-1FD5-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	7D7DEF41-463F-11E9-B802-000C29342CB1	Trust: 0.2

sources: IVD: ef28beb0-1fd5-11e6-abef-000c29c66e3d // IVD: 7d7def41-463f-11e9-b802-000c29342cb1 // CNVD: CNVD-2008-2838

SOURCES

db:	IVD	id:	ef28beb0-1fd5-11e6-abef-000c29c66e3d
db:	IVD	id:	7d7def41-463f-11e9-b802-000c29342cb1
db:	CNVD	id:	CNVD-2008-2838

LAST UPDATE DATE

2022-05-17T01:39:02.527000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2008-2838

date:

2008-06-10T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	ef28beb0-1fd5-11e6-abef-000c29c66e3d	date:	2008-06-09T00:00:00
db:	IVD	id:	7d7def41-463f-11e9-b802-000c29342cb1	date:	2008-06-09T00:00:00
db:	CNVD	id:	CNVD-2008-2838	date:	2008-06-09T00:00:00