Vulnerabilities > CVE-2007-1653 - Denial-Of-Service vulnerability in Glowworm

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
glowworm
NVD
Published: 2007-03-24
Updated: 2008-11-13

Summary

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses.

Vulnerable Configurations

Part Description Count
Application
Glowworm
1

References