Vulnerability Note VU#160460
Dell PowerConnect 6248P series switch denial of service vulnerability
Overview
Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests.
Description
Dell PowerConnect 6248P series switches contain a denial of service vulnerability when parsing malformed requests which could cause the switch to crash and become unavailable. |
Impact
An authenticated attacker can cause the Dell PowerConnect 6248P series switch to crash and become unavailable. |
Solution
We are currently unaware of a practical solution to this problem. |
Restrict Access |
Vendor Information (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Dell Computer Corporation, Inc. | Affected | 09 Jan 2013 | 18 Feb 2013 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | 7.8 | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Temporal | 6.0 | E:POC/RL:W/RC:UC |
| Environmental | 1.6 | CDP:L/TD:L/CR:ND/IR:ND/AR:ND |
References
Credit
Thanks to Gary Blosser for reporting this vulnerability.
This document was written by Michael Orlando.
Other Information
- CVE IDs: CVE-2013-0120
- Date Public: 22 Feb 2013
- Date First Published: 22 Feb 2013
- Date Last Updated: 22 Feb 2013
- Document Revision: 8
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.