Search criteria
3 vulnerabilities found for emr5000 by skystream
VAR-200212-0882
Vulnerability from variot - Updated: 2022-05-17 02:08The SkyStream Edge Media Router-5000 (EMR5000) is a DVB multicast router product. The Edge Media Router comes with shell support for client access, allowing users to manage and configure the system through this. An overflow vulnerability exists in the user shell implementation that could be exploited by a remote attacker to escalate its privileges. The shell program does not use the GNU readline library, but implements its own dedicated shell control process. There is a buffer overflow problem when reading and verifying user input. An attacker who has obtained shell access rights may use this vulnerability to execute arbitrary instructions. Your own permissions. It is possible to trigger this condition by supplying an overly long string from the command line of the client shell
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0882",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "skystream",
"scope": "eq",
"trust": 0.6,
"vendor": "emr5000",
"version": "1.18"
},
{
"model": "skystream",
"scope": "eq",
"trust": 0.6,
"vendor": "emr5000",
"version": "1.17"
},
{
"model": "skystream",
"scope": "eq",
"trust": 0.6,
"vendor": "emr5000",
"version": "1.16"
},
{
"model": "emr5000",
"scope": "eq",
"trust": 0.3,
"vendor": "skystream",
"version": "1.18"
},
{
"model": "emr5000",
"scope": "eq",
"trust": 0.3,
"vendor": "skystream",
"version": "1.17"
},
{
"model": "emr5000",
"scope": "eq",
"trust": 0.3,
"vendor": "skystream",
"version": "1.16"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this issue is credited to Global InterSec Research \u003cresearch@globalintersec.com\u003e.",
"sources": [
{
"db": "BID",
"id": "6486"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2002-4398",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2002-4398",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SkyStream Edge Media Router-5000 (EMR5000) is a DVB multicast router product. The Edge Media Router comes with shell support for client access, allowing users to manage and configure the system through this. An overflow vulnerability exists in the user shell implementation that could be exploited by a remote attacker to escalate its privileges. The shell program does not use the GNU readline library, but implements its own dedicated shell control process. There is a buffer overflow problem when reading and verifying user input. An attacker who has obtained shell access rights may use this vulnerability to execute arbitrary instructions. Your own permissions. It is possible to trigger this condition by supplying an overly long string from the command line of the client shell",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6486",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2002-4398",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
]
},
"id": "VAR-200212-0882",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
}
]
},
"last_update_date": "2022-05-17T02:08:45.821000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SkyStream Edge Media Router-5000 Local Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/36186"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0255.html"
},
{
"trust": 0.3,
"url": "/archive/1/304534"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"date": "2002-12-27T00:00:00",
"db": "BID",
"id": "6486"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"date": "2002-12-27T00:00:00",
"db": "BID",
"id": "6486"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "6486"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SkyStream Edge Media Router-5000 Local Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4398"
},
{
"db": "BID",
"id": "6486"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6486"
}
],
"trust": 0.3
}
}
CVE-2002-1912 (GCVE-0-2002-1912)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI?
Summary
SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:39:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"name": "http://www.globalintersec.com/adv/skystream-2002021001.txt",
"refsource": "MISC",
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1912",
"datePublished": "2005-06-28T04:00:00",
"dateReserved": "2005-06-29T00:00:00",
"dateUpdated": "2024-08-08T03:43:33.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1912 (GCVE-0-2002-1912)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI?
Summary
SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:39:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5977"
},
{
"name": "skystream-emr5000-kernel-dos(10380)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10380.php"
},
{
"name": "20021016 [GIS 2002021001] SkyStream EMR5000 DVB router DoS.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/295516"
},
{
"name": "http://www.globalintersec.com/adv/skystream-2002021001.txt",
"refsource": "MISC",
"url": "http://www.globalintersec.com/adv/skystream-2002021001.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1912",
"datePublished": "2005-06-28T04:00:00",
"dateReserved": "2005-06-29T00:00:00",
"dateUpdated": "2024-08-08T03:43:33.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}