[Japanese]

JVNDB-2007-001000

Hitachi JP1/File Transmission Server/FTP Denial of Service Vulnerability

Overview

Hitachi JP1/File Transmission Server/FTP does not handle certain FTP command arguments properly, which could trigger Denial of Service (DoS) incidents.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Hitachi, Ltd
  • JP1/File Transmission Server/FTP

Impact

An attacker could cause a Denial of Service (DoS) condition using the FTP commands with certain file names.
Solution

Please refer to the 'Vendor Information' section for official remediation and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS07-038
CWE (What is CWE?)

  1. Improper Input Validation(CWE-20) [NVD Evaluation]
CVE (What is CVE?)

  1. CVE-2007-6146
References

  1. National Vulnerability Database (NVD) : CVE-2007-6146
  2. Secunia Advisory : SA27735
  3. SecurityFocus : 26542
  4. FrSIRT Advisories : FrSIRT/ADV-2007-3957
Revision History

  • [2008/05/21]
      Web page published

Date Public2007/11/16
Date First Published2008/05/21
Date Last Updated2008/05/21