Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
BID:21548
Info
Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
| Bugtraq ID: | 21548 |
| Class: | Unknown |
| CVE: |
CVE-2006-6475 CVE-2006-6476 CVE-2006-6477 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 18 2006 12:00AM |
| Updated: | Dec 18 2006 06:13PM |
| Credit: | Brian Reilly and Scott King are credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Mandiant First Response 1.1 |
| Not Vulnerable: |
Mandiant First Response 1.1.1 |
Discussion
Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
Mandiant First Response is prone to multiple vulnerabilities, including denial-of-service issues and an agent-hijacking issue.
Exploiting these issues allows remote attackers to crash the application, denying further service to legitimate users, and to potentially control the data between the client and server.
Mandiant First Response is prone to multiple vulnerabilities, including denial-of-service issues and an agent-hijacking issue.
Exploiting these issues allows remote attackers to crash the application, denying further service to legitimate users, and to potentially control the data between the client and server.
Exploit / POC
Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
An attacker can use standard networking tools to exploit these issues.
An attacker can use standard networking tools to exploit these issues.
Solution / Fix
Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
Solution:
The vendor has released version 1.1.1 to address this issue.
Please see the referenced advisories for more information.
Solution:
The vendor has released version 1.1.1 to address this issue.
Please see the referenced advisories for more information.
References
Mandiant First Response Multiple Denial of Service and Agent Hijacking Vulnerabilities
References:
References: