Details of VAR-200311-0101

ID

VAR-200311-0101

TITLE

HP ProCurve Switch Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2003-3479

DESCRIPTION

The HP ProCurve Switch is an enterprise network switch. The HP ProCurve Switch has problems handling RCP worms such as W32.Welchia.Worm (MCID 1811) and W32.Blaster.Worm (MCID 1761), causing the switch to stop responding to normal requests, causing a denial of service attack. There are currently no detailed details of the vulnerability. This issue is reported to result in deteriorated network traffic and a denial of service condition for end users

Trust: 0.81

sources: CNVD: CNVD-2003-3479 // BID: 9103

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2003-3479

AFFECTED PRODUCTS

vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	hp	model:	procurve switch 5372xl j4848a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5348xl j4849a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5308xl j4819a	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	procurve switch 5304xl j4850a	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2003-3479 // BID: 9103

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2003-3479
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2003-3479
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2003-3479

THREAT TYPE

network

Trust: 0.3

sources: BID: 9103

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 9103

PATCH

title:

Patch for HP ProCurve Switch Remote Denial of Service Attack Vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/42723

Trust: 0.6

sources: CNVD: CNVD-2003-3479

EXTERNAL IDS

db:	BID	id:	9103	Trust: 0.9
db:	CNVD	id:	CNVD-2003-3479	Trust: 0.6

sources: CNVD: CNVD-2003-3479 // BID: 9103

REFERENCES

url:

http://www.securityfocus.com/bid/9103

Trust: 0.6

sources: CNVD: CNVD-2003-3479

CREDITS

The disclosure of this issue has been credited to the vendor.

Trust: 0.3

sources: BID: 9103

SOURCES

db:	CNVD	id:	CNVD-2003-3479
db:	BID	id:	9103

LAST UPDATE DATE

2022-05-17T01:50:38.567000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2003-3479	date:	2014-01-24T00:00:00
db:	BID	id:	9103	date:	2003-11-26T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2003-3479	date:	2003-11-26T00:00:00
db:	BID	id:	9103	date:	2003-11-26T00:00:00