CVE-2001-0185
CVSS5.0
发布时间 :2001-03-26 00:00:00
修订时间 :2008-09-05 16:23:29
NMCOS    

[原文]Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash.


[CNNVD]Netopia R9100 Router拒绝服务漏洞(CNNVD-200103-095)

        Netopia R9100 router 4.6版本存在漏洞。认证用户可以通过使用路由远程登录程序连接到IP地址导致服务拒绝,该漏洞还可以引起崩溃。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0185
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0185
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200103-095
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/2287
(VENDOR_ADVISORY)  BID  2287
http://xforce.iss.net/static/6001.php
(VENDOR_ADVISORY)  XF  netopia-telnet-dos
http://www.securityfocus.com/archive/1/157952
(VENDOR_ADVISORY)  BUGTRAQ  20010123 Make The Netopia R9100 Router To Crash

- 漏洞信息

Netopia R9100 Router拒绝服务漏洞
中危 其他
2001-03-26 00:00:00 2005-05-02 00:00:00
本地  
        Netopia R9100 router 4.6版本存在漏洞。认证用户可以通过使用路由远程登录程序连接到IP地址导致服务拒绝,该漏洞还可以引起崩溃。

- 公告与补丁

        The vendor released updates to address this issue. Please contact the vendor for information on obtaining and applying fixes.

- 漏洞信息

1742
Netopia R9100 Router DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2001-01-23 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Netopia R9100 Router Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 2287
No Yes
2001-01-24 12:00:00 2007-05-31 07:01:00
Reported to bugtraq by Julien Henry <nyc1660@freesurf.fr> on Tue, 23 Jan 2001.

- 受影响的程序版本

Netopia R9100 DSL Router 4.6

- 漏洞讨论

The Netopia R9100 Router, running firmware version 4.6, is vulnerable to a denial-of-service attack.

Under very specific circumstances, an attacker can cause the affected router to stop. By attempting to make a looped connection from the router's IP address back to the same address, the unit will crash. A manual restart is required to resume operation.

An attack prevents user-disconnect logging and may help the attacker carry out further attacks on the affected host or other systems on its network.

Netopia R9100 Router running firmware version 4.6 is vulnerable; subsequent (and current) versions are not vulnerable.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at mailto:vuldb@securityfocus.com.

- 解决方案

The vendor released updates to address this issue. Please contact the vendor for information on obtaining and applying fixes.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站