ExtremeZ-IP Multiple Remote Flaws

medium Nessus Network Monitor Plugin ID 4371

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running ExtremeZ-IP.

ExtremeZ-IP is a software product that allows for file sharing and printing between Mac and Windows machines. This version is reported to be vulnerable to a number of remote flaws. Specifically, the server is vulnerable to a denial of service attack within the Service Location Protocol (SLP) and Apple Filing Protocol (AFP). An attacker exploiting either of these two flaws would send malformed data to the service, resulting in a loss of service availability. The third flaw is a directory traversal flaw that would allow an attacker the ability to download certain files (those with an extension of gif, png, jpg, xml, ico, zip, and html) from outside the defined web directory. This can lead to a loss of confidential data.

Solution

Upgrade to a version higher than 5.1.2x15.

See Also

http://aluigi.altervista.org/adv/ezipirla-adv.txt

http://www.grouplogic.com/files/ez/hot/hotFix51.cfm

http://www.grouplogic.com/products

Plugin Details

Severity: Medium

ID: 4371

Family: Web Servers

Published: 2/11/2008

Updated: 3/6/2019

Nessus ID: 30253

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:group_logic:extremez-ip

Reference Information

CVE: CVE-2008-0758, CVE-2008-0759, CVE-2008-0767

BID: 27718