Vulnerabilities > CVE-2007-3728 - Remote Buffer Overflow vulnerability in Silc Client and Silc Toolkit

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

silc

NVD

Published: 2007-07-12

Updated: 2017-07-29

Summary

Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications.

Vulnerable Configurations

Part	Description	Count
Application	Silc Silc Silc Client 1.1.1 Silc Silc Toolkit 1.1.1	2

Statements

contributor	Mark J Cox
lastmodified	2007-07-17
organization	Red Hat
statement	Not vulnerable. libsilc was not shipped with Enterprise Linux 2.1 or 3. This issue did not affect the versions of libsilc as shipped with Red Hat Enterprise Linux 4 or 5.

References

http://osvdb.org/36730
http://secunia.com/advisories/25939
http://silcnet.org/docs/changelog/changes.txt
http://www.securityfocus.com/bid/24795
http://www.silcnet.org/docs/release/SILC%20Toolkit%201.1.2
http://www.vupen.com/english/advisories/2007/2454
https://exchange.xforce.ibmcloud.com/vulnerabilities/35281