Denial of Service Vulnerability in Acronis Snap Deploy PXE Server
CVE-2008-1411

Currently unrated

Key Information:

Vendor: Acronis
Status: Snap Deploy
Vendor: CVE Published:; 20 March 2008

What is CVE-2008-1411?

The PXE Server (pxesrv.exe) in Acronis Snap Deploy versions 2.0.0.1076 and earlier is subject to a vulnerability that allows remote attackers to cause a denial of service condition. This is achieved through an incomplete TFTP request that results in a NULL pointer dereference, effectively crashing the service and impacting the availability of the server for legitimate users.

References

http://aluigi.altervista.org/adv/acropxe-adv.txt

x_refsource_MISC

http://www.vupen.com/english/advisories/2008/0814/references

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/28182

vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2008
Vulnerability Reserved
Mar 19, 2008