CERTA-2002-AVI-094

Vulnerability from certfr_avis - Published: - Updated:

Un utilisateur mal intentionné peut réaliser un déni de service sur RealSecure Network Sensor de ISS (Internet Security Systems) par le biais de paquets malicieusement construits.

Description

RealSecure Network Sensor est un système de détection d'intrusions.

Une vulnérabilité présente dans le traitement de certaines requêtes DHCP peut entraîner l'arrêt intempestif de RealSecure Network Sensor.

Cette vulnérabilité est exploitable à distance.

Contournement provisoire

Désactiver les signatures DHCP_ACK, DHCP_Discover et DHCP_Request dans la configuration de RealSecure Network Sensor.

Solution

Appliquer la mise à jour RealSecure X-Press Update 4.3 (se référer à la section documentation).

None
Impacted products
Vendor Product Description
N/A N/A RealSecure Network Sensor 6.5.
N/A N/A RealSecure Network Sensor 6.0 ;
N/A N/A RealSecure Network Sensor 5.x ;
References
Liste de diffusion Bugtraq None vendor-advisory
Site Internet de ISS : - other

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "RealSecure Network Sensor 6.5.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "RealSecure Network Sensor 6.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "RealSecure Network Sensor 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nRealSecure Network Sensor est un syst\u00e8me de d\u00e9tection d\u0027intrusions.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le traitement de certaines requ\u00eates DHCP\npeut entra\u00eener l\u0027arr\u00eat intempestif de RealSecure Network Sensor.\n\nCette vuln\u00e9rabilit\u00e9 est exploitable \u00e0 distance.\n\n## Contournement provisoire\n\nD\u00e9sactiver les signatures DHCP_ACK, DHCP_Discover et DHCP_Request dans\nla configuration de RealSecure Network Sensor.\n\n## Solution\n\nAppliquer la mise \u00e0 jour RealSecure X-Press Update 4.3 (se r\u00e9f\u00e9rer \u00e0 la\nsection documentation).\n",
  "cves": [],
  "links": [
    {
      "title": "Site Internet de ISS :",
      "url": "http://www.iss.net/"
    }
  ],
  "reference": "CERTA-2002-AVI-094",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2002-05-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Un utilisateur mal intentionn\u00e9 peut r\u00e9aliser un d\u00e9ni de service sur\nRealSecure Network Sensor de ISS (Internet Security Systems) par le\nbiais de paquets malicieusement construits.\n",
  "title": "Vuln\u00e9rabilit\u00e9 sur RealSecure Network Sensor",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste de diffusion Bugtraq",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.