Denial of Service : Nero MediaHome Server Multiple Remote DoS Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.803150

Categoría: Denial of Service

Título: Nero MediaHome Server Multiple Remote DoS Vulnerabilities

Resumen: Nero MediaHome Server is prone to multiple denial of service; vulnerabilities.

Descripción: Summary:
Nero MediaHome Server is prone to multiple denial of service
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to improper handling of the URI length,
HTTP OPTIONS method length, HTTP HEAD request, HTTP REFERER and HTTP HOST header
within the 'NMMediaServer.dll' in dynamic-link library which allows attackers to
cause denial of service condition by sending a specially crafted packet
to port 54444/TCP.

Vulnerability Impact:
Successful exploitation will allow remote attackers to cause the
application to crash, creating a denial-of-service condition.

Affected Software/OS:
Nero MediaHome Server version 4.5.8.100 and prior.

Solution:
No known solution was made available for at least one year since
the disclosure of this vulnerability. Likely none will be provided anymore. General solution options
are to upgrade to a newer release, disable respective features, remove the product or replace the
product by another one.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-5876
BugTraq ID: 57253
http://www.securityfocus.com/bid/57253
Bugtraq: 20130109 Nero MediaHome Multiple Remote DoS Vulnerabilities (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2013-01/0037.html
http://www.exploit-db.com/exploits/24022
https://www.htbridge.com/advisory/HTB23130
http://osvdb.org/89149
http://www.osvdb.org/89150
XForce ISS Database: mediahome-nmmediaserver-dos(81103)
https://exchange.xforce.ibmcloud.com/vulnerabilities/81103
Common Vulnerability Exposure (CVE) ID: CVE-2012-5877
http://osvdb.org/89151
XForce ISS Database: mediahome-httphost-dos(81107)
https://exchange.xforce.ibmcloud.com/vulnerabilities/81107

Copyright Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.803150
Categoría:	Denial of Service
Título:	Nero MediaHome Server Multiple Remote DoS Vulnerabilities
Resumen:	Nero MediaHome Server is prone to multiple denial of service; vulnerabilities.
Descripción:	Summary: Nero MediaHome Server is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to improper handling of the URI length, HTTP OPTIONS method length, HTTP HEAD request, HTTP REFERER and HTTP HOST header within the 'NMMediaServer.dll' in dynamic-link library which allows attackers to cause denial of service condition by sending a specially crafted packet to port 54444/TCP. Vulnerability Impact: Successful exploitation will allow remote attackers to cause the application to crash, creating a denial-of-service condition. Affected Software/OS: Nero MediaHome Server version 4.5.8.100 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5876 BugTraq ID: 57253 http://www.securityfocus.com/bid/57253 Bugtraq: 20130109 Nero MediaHome Multiple Remote DoS Vulnerabilities (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-01/0037.html http://www.exploit-db.com/exploits/24022 https://www.htbridge.com/advisory/HTB23130 http://osvdb.org/89149 http://www.osvdb.org/89150 XForce ISS Database: mediahome-nmmediaserver-dos(81103) https://exchange.xforce.ibmcloud.com/vulnerabilities/81103 Common Vulnerability Exposure (CVE) ID: CVE-2012-5877 http://osvdb.org/89151 XForce ISS Database: mediahome-httphost-dos(81107) https://exchange.xforce.ibmcloud.com/vulnerabilities/81107
Copyright	Copyright (C) 2013 Greenbone AG