Details of VAR-201511-0409

ID

VAR-201511-0409

TITLE

D-Link DIR-615 \342\200\230PING\342\200\230 and \342\200\230Send Email\342\200\231 Buffer Overflow Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2015-07695

DESCRIPTION

D-Link DIR-615 'PING' and 'Send Email' have a buffer overflow vulnerability that allows remote attackers to exploit this vulnerability to submit a special request to crash the service. D-Link DIR-615 is a small wireless router product from D-Link. A buffer overflow vulnerability exists in D-Link DIR-615, which originates from a program that does not perform correct boundary checks on user-submitted input. An attacker could use this vulnerability to execute arbitrary code in the context of an affected device and may also cause a denial of service. Failed exploits may result in denial-of-service conditions

Trust: 1.35

sources: CNVD: CNVD-2015-07695 // CNNVD: CNNVD-201511-375 // BID: 77600

IOT TAXONOMY

category:

['IoT', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-07695

AFFECTED PRODUCTS

vendor:	d link	model:	dir-615	scope:	-	version:	-	Trust: 0.6
vendor:	d link	model:	dir-615	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2015-07695 // BID: 77600

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2015-07695
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2015-07695
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2015-07695

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201511-375

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201511-375

EXTERNAL IDS

db:	BID	id:	77600	Trust: 1.5
db:	CNVD	id:	CNVD-2015-07695	Trust: 0.6
db:	CNNVD	id:	CNNVD-201511-375	Trust: 0.6

sources: CNVD: CNVD-2015-07695 // BID: 77600 // CNNVD: CNNVD-201511-375

REFERENCES

url:	http://www.securityfocus.com/bid/77600	Trust: 1.2
url:	http://www.dlink.com/	Trust: 0.3
url:	http://seclists.org/bugtraq/2015/nov/73	Trust: 0.3

sources: CNVD: CNVD-2015-07695 // BID: 77600 // CNNVD: CNNVD-201511-375

CREDITS

Samuel Huntley

Trust: 0.9

sources: BID: 77600 // CNNVD: CNNVD-201511-375

SOURCES

db:	CNVD	id:	CNVD-2015-07695
db:	BID	id:	77600
db:	CNNVD	id:	CNNVD-201511-375

LAST UPDATE DATE

2022-05-17T01:51:04.767000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-07695	date:	2015-11-24T00:00:00
db:	BID	id:	77600	date:	2015-11-13T00:00:00
db:	CNNVD	id:	CNNVD-201511-375	date:	2015-11-20T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-07695	date:	2015-11-24T00:00:00
db:	BID	id:	77600	date:	2015-11-13T00:00:00
db:	CNNVD	id:	CNNVD-201511-375	date:	2015-11-20T00:00:00