Vulnerability Details CVE-2007-1327
The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.126
EPSS Ranking 93.7%
CVSS Severity
CVSS v2 Score 7.8
References
- http://marc.info/?l=full-disclosure&m=117320823618036&w=2
- http://osvdb.org/33887
- http://secunia.com/advisories/24426
- http://secunia.com/advisories/24431
- http://security.gentoo.org/glsa/glsa-200703-12.xml
- http://www.securityfocus.com/bid/22846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32846
- http://marc.info/?l=full-disclosure&m=117320823618036&w=2
- http://osvdb.org/33887
- http://secunia.com/advisories/24426
- http://secunia.com/advisories/24431
- http://security.gentoo.org/glsa/glsa-200703-12.xml
- http://www.securityfocus.com/bid/22846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32846
Products affected by CVE-2007-1327
-
cpe:2.3:a:silc:silc-server:1.0.2