Lucene search

MitreCVE-2002-2148

HistoryNov 16, 2005 - 9:17 p.m.

CVE-2002-2148

2005-11-1621:17:00

mitre

web.nvd.nist.gov

lucent

ascend

max router

pipeline router

cve-2002-2148

security vulnerability

remote attack

sensitive information leak

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.

Affected configurations

Nvd

Node

lucentascend_max_routerMatch2.0

lucentascend_max_routerMatch3.0

lucentascend_max_routerMatch4.0

lucentascend_max_routerMatch5.0

lucentascend_max_routerMatch5.0_ap48

lucentascend_pipeline_routerMatch1.0

lucentascend_pipeline_routerMatch2.0

lucentascend_pipeline_routerMatch3.0

lucentascend_pipeline_routerMatch4.0

lucentascend_pipeline_routerMatch5.0

lucentascend_pipeline_routerMatch6.0

lucentascend_pipeline_routerMatch6.0.2

lucentdslterminator

VendorProductVersionCPE
lucentascend_max_router2.0cpe:2.3:h:lucent:ascend_max_router:2.0:*:*:*:*:*:*:*
lucentascend_max_router3.0cpe:2.3:h:lucent:ascend_max_router:3.0:*:*:*:*:*:*:*
lucentascend_max_router4.0cpe:2.3:h:lucent:ascend_max_router:4.0:*:*:*:*:*:*:*
lucentascend_max_router5.0cpe:2.3:h:lucent:ascend_max_router:5.0:*:*:*:*:*:*:*
lucentascend_max_router5.0_ap48cpe:2.3:h:lucent:ascend_max_router:5.0_ap48:*:*:*:*:*:*:*
lucentascend_pipeline_router1.0cpe:2.3:h:lucent:ascend_pipeline_router:1.0:*:*:*:*:*:*:*
lucentascend_pipeline_router2.0cpe:2.3:h:lucent:ascend_pipeline_router:2.0:*:*:*:*:*:*:*
lucentascend_pipeline_router3.0cpe:2.3:h:lucent:ascend_pipeline_router:3.0:*:*:*:*:*:*:*
lucentascend_pipeline_router4.0cpe:2.3:h:lucent:ascend_pipeline_router:4.0:*:*:*:*:*:*:*
lucentascend_pipeline_router5.0cpe:2.3:h:lucent:ascend_pipeline_router:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lucent	ascend_max_router	2.0	cpe:2.3:h:lucent:ascend_max_router:2.0:::::::*
lucent	ascend_max_router	3.0	cpe:2.3:h:lucent:ascend_max_router:3.0:::::::*
lucent	ascend_max_router	4.0	cpe:2.3:h:lucent:ascend_max_router:4.0:::::::*
lucent	ascend_max_router	5.0	cpe:2.3:h:lucent:ascend_max_router:5.0:::::::*
lucent	ascend_max_router	5.0_ap48	cpe:2.3:h:lucent:ascend_max_router:5.0_ap48:::::::*
lucent	ascend_pipeline_router	1.0	cpe:2.3:h:lucent:ascend_pipeline_router:1.0:::::::*
lucent	ascend_pipeline_router	2.0	cpe:2.3:h:lucent:ascend_pipeline_router:2.0:::::::*
lucent	ascend_pipeline_router	3.0	cpe:2.3:h:lucent:ascend_pipeline_router:3.0:::::::*
lucent	ascend_pipeline_router	4.0	cpe:2.3:h:lucent:ascend_pipeline_router:4.0:::::::*
lucent	ascend_pipeline_router	5.0	cpe:2.3:h:lucent:ascend_pipeline_router:5.0:::::::*

Rows per page:

1-10 of 131

References

online.securityfocus.com/archive/1/284650

www.iss.net/security_center/static/9704.php

www.securityfocus.com/bid/5335

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

79.2%

JSON

Related for CVE-2002-2148