Vulnerabilities > CVE-2006-2706 - Denial-Of-Service vulnerability in Class 5 Enterprise Vulnerability Management

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

secure-elements

NVD

Published: 2006-05-31

Updated: 2017-07-20

Summary

Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. The vulnerabilities and security issues have been fixed in C5 EVM version 2.8.1.

Vulnerable Configurations

Part	Description	Count
Application	Secure_Elements Secure Elements Class 5 Enterprise Vulnerability Management *	1

References

http://secunia.com/advisories/20378
http://securitytracker.com/id?1016184
http://www.kb.cert.org/vuls/id/487617
http://www.kb.cert.org/vuls/id/WDON-6QANUZ
http://www.vupen.com/english/advisories/2006/2069
https://exchange.xforce.ibmcloud.com/vulnerabilities/26779