CVE-2007-2796
Arris Cadant C3 CMTS Remote DoS Vulnerability
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.
Arris Cadant C3 CMTS permite a atacantes remotos provocar una denegación de servicio (terminación del servicio) mediante un paquete IP mal formado con una opción IP inválida.
This vulnerability allows remote attackers to cause a denial of service on vulnerable Arris Cadant C3 CMTS systems. Authentication is not required to exploit this vulnerability.
The flaw exists due to mishandling of IP options. When an unknown or bad option is specified, the C3 will terminate disabling all service that is handled by that CMTS. The vulnerability can be triggered with a single malformed IP packet.
*Credits:
Anonymous
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-05-21 CVE Reserved
- 2007-06-11 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37233 | Vdb Entry | |
| http://secunia.com/advisories/25611 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/471195/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/24430 | Vdb Entry | |
| http://www.securitytracker.com/id?1018220 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2162 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-036.html | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34822 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Arris Search vendor "Arris" | Cadant C3 Cmts Search vendor "Arris" for product "Cadant C3 Cmts" | * | - |
Affected
| ||||||