Vulnerabilities > CVE-2017-15665 - Improperly Implemented Security Check for Standard vulnerability in Flexense Diskboss 8.5.12

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
flexense
CWE-358
exploit available

Summary

In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.

Vulnerable Configurations

Part Description Count
Application
Flexense
1

Exploit-Db

descriptionDiskBoss Enterprise 8.5.12 - Denial of Service. CVE-2017-15665. Dos exploit for Windows platform
fileexploits/windows/dos/43454.py
idEDB-ID:43454
last seen2018-01-24
modified2018-01-08
platformwindows
port
published2018-01-08
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/43454/
titleDiskBoss Enterprise 8.5.12 - Denial of Service
typedos

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/145756/diskbossent8512-dos.txt
idPACKETSTORM:145756
last seen2018-01-10
published2018-01-09
reporterAhmad Mahfouz
sourcehttps://packetstormsecurity.com/files/145756/DiskBoss-Enterprise-8.5.12-Denial-Of-Service.html
titleDiskBoss Enterprise 8.5.12 Denial Of Service