CVE-2004-2251

The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459	Patch
http://www.osvdb.org/11406
http://securitytracker.com/id?1012065	Patch
http://secunia.com/advisories/13089	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17959

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:astaro:security_linux:4.020:::::::*
	cpe:2.3:o:astaro:security_linux:4.021:::::::*
	cpe:2.3:o:astaro:security_linux:4.022:::::::*
	cpe:2.3:o:astaro:security_linux:4.023:::::::*
	cpe:2.3:o:astaro:security_linux:4.017:::::::*
	cpe:2.3:o:astaro:security_linux:4.018:::::::*
	cpe:2.3:o:astaro:security_linux:4.019:::::::*

Information

Published : 2004-12-30 21:00

Updated : 2017-07-10 18:31

NVD link : CVE-2004-2251

Mitre link : CVE-2004-2251

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

astaro

security_linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459", "name": "http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.osvdb.org/11406", "name": "11406", "tags": [], "refsource": "OSVDB"}, {"url": "http://securitytracker.com/id?1012065", "name": "1012065", "tags": ["Patch"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/13089", "name": "13089", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17959", "name": "astaro-pptp-info-disclosure(17959)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-2251", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.020:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.021:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.022:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.023:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.017:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.018:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:astaro:security_linux:4.019:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:31Z"}