CVE-2006-2310 - BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of s

CVE-2006-2310

Summary

BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of service (hang) via a request for a .cfm file whose name contains an MS-DOS device name such as (1) con, (2) aux, (3) com1, and (4) com2. This vulnerability is addressed in the following product release: New Atlanta Communications, BlueDragon Server, 6.2.1.309

References

Vulnerable Configurations

cpe:2.3:a:new_atlanta_communications:bluedragon_server:6.2.1.286:*:windows:*:*:*:*:*
cpe:2.3:a:new_atlanta_communications:bluedragon_server:6.2.1.286:*:windows:*:*:*:*:*
cpe:2.3:a:new_atlanta_communications:bluedragon_server_jx:6.2.1.286:*:windows:*:*:*:*:*
cpe:2.3:a:new_atlanta_communications:bluedragon_server_jx:6.2.1.286:*:windows:*:*:*:*:*

CVSS

Base:	5.0 (as of 08-03-2011 - 02:35)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	18624
misc	http://secunia.com/secunia_research/2006-18/advisory
secunia	19180
vupen	ADV-2006-2502

Last major update

08-03-2011 - 02:35

Published

26-06-2006 - 10:06

Last modified

08-03-2011 - 02:35