Vulnerability Details : CVE-2008-2092
Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-2092
Probability of exploitation activity in the next 30 days: 14.65%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-2092
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2008-2092
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-2092
-
http://marc.info/?l=bugtraq&m=120645736414059&w=2
-
http://www.securityfocus.com/bid/28414
Exploit
-
http://marc.info/?l=bugtraq&m=120638162819268&w=2
-
http://marc.info/?l=bugtraq&m=120637551306325&w=2
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41436
-
http://marc.info/?l=bugtraq&m=120637257800425&w=2
-
http://marc.info/?l=bugtraq&m=120638296821936&w=2
Products affected by CVE-2008-2092
- cpe:2.3:a:linksys:spa-2102_phone_adapter:3.3.6:*:*:*:*:*:*:*