|
[Japanese]
|
JVNDB-2010-000020
|
CapsSuite Small Edition PatchMeister vulnerable to denial of service
|
|
CapsSuite Small Edition PatchMeister contains a denial of service (DoS) vulnerability.
CapsSuite Small Edition PatchMeister is a product that manages the application of security patches. CapsSuite Small Edition PatchMeister contains a denial of service (DoS) vulnerability.
Servers or workstations that installed "Client Service for PTM" from the following products are vulnerable.
* CapsSuite Small Edition PatchMeister Ver2.0 Update2 and earlier
|
|
CVSS V2 Severity:
Base Metrics 7.8 (High) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Complete
|
|
|
NEC Corporation
- CapsSuite Small Edition PatchMeister Ver2.0 Update2 and earlier
|
|
|
On a server or workstation with "Client Service for PTM" installed, a remote attacker may shut down or restart the operating system.
|
|
[Update the Software]
Update to the latest version according to the information provided by the developer.
[Filter traffic using a firewall]
Deny access to port 56015 for packets that do not have a source IP of the CapsSuite Small Edition PatchMeister server.
For more information, refer to the developer's website.
|
|
NEC Corporation
- NEC Security Information : NV10-005 (Japanese)
|
|
- No Mapping(CWE-DesignError) [IPA Evaluation]
|
|
- CVE-2010-1943
|
|
- JVN : JVN#82749282
- National Vulnerability Database (NVD) : CVE-2010-1943
- IPA SECURITY ALERTS : Security Alert for Vulnerability in CapsSuite Small Edition PatchMeister
- Secunia Advisory : SA39800
- SecurityFocus : 40190
- VUPEN Security : VUPEN/ADV-2010-1166
- OPEN SOURCE VULNERABILITY DATABASE (OSVDB) : 64701
|
|
- [2010/05/17]
Web page published
|
