Innovation Data Processing FDR Port Scan DoS

Credit: Anonymous
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other

CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

Title: Innovation Data Processing FDR Port Scan DoS Release Date: 2009-10-14 Application: Innovation Data Processing FDR <unknown> Cross Ref: CVE-2006-6404, OSVDB 30782 Description: ------------ Innovation Data Processing's FDR Backup application is prone to a denial of service (DoS) condition. The loss of service can occur when the application is scanned with a common port scan utility (such as Nmap). When the application receives a typical TCP based port scan, it may stop accepting incoming connections and fail to process legitimate requests for backup. Product Details: ---------------- Vendor: Innovation Data Processing Product: FDR Version: <unknown> Proof of Concept: ----------------- # nmap -sS -p 1-65535 [target] Solution: --------- FDR tested this on all current products at the time of reporting and could not reproduce the issue. Upgrade to the latest version of FDR, as it properly handles port scan activity. Disclosure Timeline: -------------------- 2005-04-15: Vulnerability Discovered 2007-02-28: Disclosed to Vendor via e-mail to CVE: ---- This issue is a candidate for inclusion in the Common Vulnerabilities and Exposures (CVE) list (, which standardizes names for security problems. The CVE initiative has assigned CVE Candidate CVE-2006-6404 to this issue. References: ----------- OSVDB: Vendor: Nmap: DoS Information: Credit: ------- Anonymous


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021,


Back to Top