CVE-2007-3253 - Vulnerability Details - OpenCVE

Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Astaro	Security Gateway

Configuration 1 [-]

cpe:2.3:h:astaro:security_gateway:7.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/37345
http://osvdb.org/37346
http://secunia.com/advisories/25694
http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html
http://www.securityfocus.com/bid/24492
http://www.vupen.com/english/advisories/2007/2220
https://exchange.xforce.ibmcloud.com/vulnerabilities/34882
https://exchange.xforce.ibmcloud.com/vulnerabilities/34884

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-18T10:00:00

Updated: 2024-08-07T14:14:11.473Z

Reserved: 2007-06-18T00:00:00

Link: CVE-2007-3253

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-06-18T10:30:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-3253

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html"}, {"name": "37346", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37346"}, {"name": "25694", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25694"}, {"name": "37345", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37345"}, {"name": "astaro-http-proxy-dos(34884)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884"}, {"name": "24492", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24492"}, {"name": "ADV-2007-2220", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2220"}, {"name": "astaro-smtp-proxy-dos(34882)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3253", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html", "refsource": "CONFIRM", "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html"}, {"name": "37346", "refsource": "OSVDB", "url": "http://osvdb.org/37346"}, {"name": "25694", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25694"}, {"name": "37345", "refsource": "OSVDB", "url": "http://osvdb.org/37345"}, {"name": "astaro-http-proxy-dos(34884)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884"}, {"name": "24492", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24492"}, {"name": "ADV-2007-2220", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2220"}, {"name": "astaro-smtp-proxy-dos(34882)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:14:11.473Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html"}, {"name": "37346", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37346"}, {"name": "25694", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25694"}, {"name": "37345", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37345"}, {"name": "astaro-http-proxy-dos(34884)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884"}, {"name": "24492", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24492"}, {"name": "ADV-2007-2220", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2220"}, {"name": "astaro-smtp-proxy-dos(34882)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3253", "datePublished": "2007-06-18T10:00:00", "dateReserved": "2007-06-18T00:00:00", "dateUpdated": "2024-08-07T14:14:11.473Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:astaro:security_gateway:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0116A94-DB98-4175-9993-A64ACEF1D571", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Astaro Security Gateway (ASG) anterior a 7.005 permite a atacantes remotos provocar denegaci\u00f3n de servicio a trav\u00e9s de (1) ciertos email, el cual para el Proxy SMTP durante el proceso de escaneo; (2) cierto tr\u00e1fico HTTP, el cual para o reduce el proxy HTTP durante la respuesta HTTP conteniendo virus escaneados en ciertas p\u00e1ginas web; y (3) una desconexi\u00f3n durante una sesi\u00f3n de streaming."}], "id": "CVE-2007-3253", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-06-18T10:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/37345"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/37346"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25694"}, {"source": "cve@mitre.org", "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24492"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2220"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25694"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2220"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}