Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.108951
Category:Denial of Service
Title:AVM FRITZ!Box TCP SACK PANIC - Kernel Vulnerabilities
Summary:Multiple AVM FRITZ!Box devices are prone to multiple Denial of Service; vulnerabilities.
Description:Summary:
Multiple AVM FRITZ!Box devices are prone to multiple Denial of Service
vulnerabilities.

Vulnerability Insight:
Three related flaws were found in the Linux kernel's handling of TCP Selective
Acknowledgement (SACK) packets handling with low MSS size.

Vulnerability Impact:
The extent of impact is understood to be limited to denial of service at this
time. No privilege escalation or information leak is currently suspected

Affected Software/OS:
AVM FRITZ!Box devices running AVM FRITZ!OS before version 7.12.

Solution:
Update to AVM FRITZ!OS 7.12 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-11477
Common Vulnerability Exposure (CVE) ID: CVE-2019-11478
Common Vulnerability Exposure (CVE) ID: CVE-2019-11479
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.