cpe:/a:extremez:print_server:5.1.2 cpe:/a:extremez-ip:file_server:5.1.2 CVE-2008-0767 2008-02-13T16:00:00.000-05:00 2011-03-07T22:05:25.157-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-02-14T13:06:00.000-05:00 BUGTRAQ 20080211 Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15 BID 27718 SECUNIA 28862 VUPEN ADV-2008-0485 MISC http://aluigi.altervista.org/adv/ezipirla-adv.txt MISC http://aluigi.org/poc/ezipirla.zip CONFIRM http://www.grouplogic.com/files/ez/hot/hotFix51.cfm ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.