Vulnerabilities > CVE-2007-1327 - Null Pointer Dereference vulnerability in Silc Silc-Server 1.0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Silc Server 1.0.2 New Channel Remote Denial Of Service Vulnerability. CVE-2007-1327. Dos exploit for linux platform |
| id | EDB-ID:29716 |
| last seen | 2016-02-03 |
| modified | 2007-03-06 |
| published | 2007-03-06 |
| reporter | Frank Benkstein |
| source | https://www.exploit-db.com/download/29716/ |
| title | Silc Server 1.0.2 New Channel Remote Denial of Service Vulnerability |
References
- http://marc.info/?l=full-disclosure&m=117320823618036&w=2
- http://osvdb.org/33887
- http://secunia.com/advisories/24426
- http://secunia.com/advisories/24431
- http://security.gentoo.org/glsa/glsa-200703-12.xml
- http://www.securityfocus.com/bid/22846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32846