Main Vulnerability Database Vulnerabilities #VU82202

#VU82202 Resource management error in iperf - CVE-2023-7250

Published: October 18, 2023 / Updated: July 18, 2024

Vulnerability identifier: #VU82202

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-7250

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
iperf

Software vendor:
ESnet

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application. A remote malicious client can initiate the connection with the server sending it less data than expected and block the iperf server from servicing other clients.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=2244708
https://bugs.launchpad.net/ubuntu/+source/iperf3/+bug/2038654
https://downloads.es.net/pub/iperf/esnet-secadv-2023-0002.txt.asc
https://bugzilla.redhat.com/show_bug.cgi?id=2244707

#VU82202 Resource management error in iperf - CVE-2023-7250

Description

Remediation

External links

Please verify you're human