CVE-1999-0524
published 1997-08-01CVE-1999-0524: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
PriorityP423medium4CVSS 3.1
AVLACLPRNUINSUCNILAN
EPSS
31.59%
98.1th percentile
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVSS provenance
nvdv3.14.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
ABB M2M Gateway
cisa_ics·2025-04-15
ABB M2M Gateway
ICS Advisory
##
ABB M2M Gateway
Release DateApril 15, 2025
Alert CodeICSA-25-105-08
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: ABB
- Equipment: M2M Gateway
- Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing Release of Memory after Effective Lifetime, Allocation of Resources Without Limits or Throttling, Improper Privilege Management, Improper Limitati
Red Hat
CVE-1999-0524: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts
vendor_redhat·CVSS 2.1
CVE-1999-0524 [LOW] CVE-1999-0524: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Statement: Red Hat Enterprise Linux is configured by default to respond to all ICMP requests. Users may configure the firewall to prevent a system from responding to certain ICMP requests.
GHSA
GHSA-5qg4-5cpf-4r9p: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts
ghsa_unreviewed·2022-04-30
CVE-1999-0524 [LOW] CWE-200 GHSA-5qg4-5cpf-4r9p: ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
No detection rules found.
No public exploits indexed.
http://descriptions.securescout.com/tc/11010http://descriptions.securescout.com/tc/11011http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434http://www.osvdb.org/95https://exchange.xforce.ibmcloud.com/vulnerabilities/306https://exchange.xforce.ibmcloud.com/vulnerabilities/322https://kc.mcafee.com/corporate/index?page=content&id=SB10053http://descriptions.securescout.com/tc/11010http://descriptions.securescout.com/tc/11011http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434http://www.osvdb.org/95https://exchange.xforce.ibmcloud.com/vulnerabilities/306https://exchange.xforce.ibmcloud.com/vulnerabilities/322https://kc.mcafee.com/corporate/index?page=content&id=SB10053https://support.f5.com/csp/article/K15277
1997-08-01
Published