Denial of service - #VU386
Published: September 9, 2016
Vulnerability identifier: #VU386
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: N/A
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows attackers to trigger target service denial.
The vulnerability is caused by specially crafted ACK message. Sent by the remote atacker the message causes null pointer error that becomes the reason of service crash.
Successful exploitation of this vulnerability results in vulnerable service denial.
The vulnerability is caused by specially crafted ACK message. Sent by the remote atacker the message causes null pointer error that becomes the reason of service crash.
Successful exploitation of this vulnerability results in vulnerable service denial.
Remediation
Update to version 13.11.1.