CVE-2002-0350
CVSS7.8
发布时间 :2002-06-25 00:00:00
修订时间 :2016-10-17 22:19:41
NMCOS    

[原文]HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.


[CNNVD]HP ProCurve Switch拒绝服务漏洞(CNNVD-200206-071)

        
        HP ProCurve Switch是HP公司生产的交换机产品。
        ProCurve Switch TCP/IP堆栈实现上存在问题,远程攻击者可能对设备实施拒绝服务攻击。
        用nmap对HP ProCurve 4000M Ethernet switch进行端口扫描,引起交换机管理IP无法提供telnet服务。但是可以通过ICMP、SNMP继续对交换机进行管理,并且不影响已经建立的telnet连接。
        

- CVSS (基础分值)

CVSS分值: 7.8 [严重(HIGH)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/h:hp:procurve_switch_4000m:c.09.09HP procurve switch 4000m c.09.09
cpe:/h:hp:procurve_switch_4000m:c.08.22HP procurve switch 4000m c.08.22

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0350
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0350
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200206-071
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=101500123900612&w=2
(UNKNOWN)  BUGTRAQ  20020301 DoS on HP ProCurve 4000M switch (possibly others)
http://www.iss.net/security_center/static/8329.php
(VENDOR_ADVISORY)  XF  hp-procurve-portscan-dos(8329)
http://www.securityfocus.com/bid/4212
(UNKNOWN)  BID  4212

- 漏洞信息

HP ProCurve Switch拒绝服务漏洞
高危 其他
2002-06-25 00:00:00 2007-05-07 00:00:00
远程  
        
        HP ProCurve Switch是HP公司生产的交换机产品。
        ProCurve Switch TCP/IP堆栈实现上存在问题,远程攻击者可能对设备实施拒绝服务攻击。
        用nmap对HP ProCurve 4000M Ethernet switch进行端口扫描,引起交换机管理IP无法提供telnet服务。但是可以通过ICMP、SNMP继续对交换机进行管理,并且不影响已经建立的telnet连接。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 尽可能把交换机的管理地址从网段的地址中独立出来,避免使之被无意地扫描到。
        厂商补丁:
        HP
        --
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.hp.com/rnd/

- 漏洞信息

10863
HP ProCurve 4000M Switch Management IP Portscan DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-02-28 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

HP ProCurve Switch Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 4212
Yes No
2002-03-01 12:00:00 2009-07-11 10:56:00
Discovered by Jon Snyder <jon@pdx.edu>.

- 受影响的程序版本

HP Procurve Switch 4000M

- 漏洞讨论

A problem with the switch could make it possible to deny telnet service to legitimate users of the device. The problem is in the handling of port scans by the device.

A ProCurve switch could be led to deny telnet users service of the switch. When the switch is portscanned by a tool such as nmap, which is capable of producing a high amount of TCP connect() requests in a short period of time, the switch will no longer accept new telnet connections.

Reportedly, this issue does not affect ICMP or SNMP management of the device, nor are existing telnet sessions disconnected. Rebooting the switch may be required in order to regain normal functionality.

HP ProCurve 4000M with firmware version C.09.09 or C.08.22 are reported to be susceptible to this issue.

- 漏洞利用

No exploit code required.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站