CVE-2007-0228 - Vulnerability Details - OpenCVE

The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.06133.

Key SSVC decision points have not yet been added.

Vendors	Products
Eiqnetworks	Enterprise Security Analyzer

Configuration 1 [-]

OR	cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.0:::::::*
	cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.1:::::::*
	cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.5:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2007-0230	The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html
http://osvdb.org/32725
http://secunia.com/advisories/23693
http://www.securityfocus.com/bid/21994
http://www.vupen.com/english/advisories/2007/0147
https://exchange.xforce.ibmcloud.com/vulnerabilities/31428

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-13T02:00:00

Updated: 2024-08-07T12:12:17.165Z

Reserved: 2007-01-12T00:00:00

Link: CVE-2007-0228

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-01-13T02:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0228

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-10T00:00:00", "descriptions": [{"lang": "en", "value": "The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21994", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21994"}, {"name": "23693", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23693"}, {"name": "20070110 EIQ Networks Network Security Analyzer DoS Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html"}, {"name": "ADV-2007-0147", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0147"}, {"name": "eiq-datacollector-dos(31428)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428"}, {"name": "32725", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/32725"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0228", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21994", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21994"}, {"name": "23693", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23693"}, {"name": "20070110 EIQ Networks Network Security Analyzer DoS Vulnerability", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html"}, {"name": "ADV-2007-0147", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0147"}, {"name": "eiq-datacollector-dos(31428)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428"}, {"name": "32725", "refsource": "OSVDB", "url": "http://osvdb.org/32725"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:12:17.165Z"}, "title": "CVE Program Container", "references": [{"name": "21994", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21994"}, {"name": "23693", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23693"}, {"name": "20070110 EIQ Networks Network Security Analyzer DoS Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html"}, {"name": "ADV-2007-0147", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0147"}, {"name": "eiq-datacollector-dos(31428)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428"}, {"name": "32725", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/32725"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0228", "datePublished": "2007-01-13T02:00:00", "dateReserved": "2007-01-12T00:00:00", "dateUpdated": "2024-08-07T12:12:17.165Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "64376FCB-5116-41F4-9861-FFC98FB4D116", "vulnerable": true}, {"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAC804-6AC8-4952-A06F-1AAB3A3F93CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:eiqnetworks:enterprise_security_analyzer:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "44C0744E-BD0D-4035-B29F-6BFA50DD7184", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference."}, {"lang": "es", "value": "El servicio DataCollector en EIQ Networks Network Security Analyzer permite a un atacante remoto provocar denegaci\u00f3n de servicio (caida de servicio) a trav\u00e9s de las cadenas (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, o (10) &SETREPLYPORT& al puerto TCP 10618, lo cual dispara un puntero NULL de referencia."}], "id": "CVE-2007-0228", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-01-13T02:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/32725"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23693"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21994"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0147"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/32725"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23693"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0147"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}