Vulnerabilities > CVE-2007-2344 - Denial-Of-Service vulnerability in Enterasys Netsight Console and Netsight Inventory Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid "packet type" field. The vendor has addressed this issue with the following product updates: Apply Security Patch 1 : http://www.enterasys.com/products/management/downloads/security_and_patches/ Or upgrade to Enterasys NetSight Console 2.3.1 build 6 and NetSight Inventory Manager 2.2.2 build 4 : http://www.enterasys.com/services/support/downloads/
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |