ID

VAR-200409-0059


CVE

CVE-2004-1663


TITLE

LSI Logic storage controllers Security hole

Trust: 0.6

sources: CNNVD: CNNVD-200409-010

DESCRIPTION

Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. It is reported that hardware based on Engenio Storage Controllers are prone to a remote denial of service vulnerability. This could also result reportedly result in unrecoverable corruption of data. Affected hardware includes Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches. Other devices may be affected such as other Storagetek and IBM FastT storage controllers, SGI, and Teradata storage controllers though this has not confirmed. The problem may exist in the underlying vxWorks operating system though this has also not been confirmed

Trust: 1.26

sources: NVD: CVE-2004-1663 // BID: 11108 // VULHUB: VHN-10093

AFFECTED PRODUCTS

vendor:brocademodel:silkworm fiber channel switchscope:eqversion:2050

Trust: 1.9

vendor:brocademodel:silkworm fiber channel switchscope:eqversion:2040

Trust: 1.9

vendor:brocademodel:silkworm fiber channel switchscope:eqversion:2010

Trust: 1.9

vendor:brocademodel:silkwormscope:eqversion:3900

Trust: 1.9

vendor:brocademodel:silkwormscope:eqversion:3850

Trust: 1.9

vendor:brocademodel:silkwormscope:eqversion:3800

Trust: 1.9

vendor:brocademodel:silkwormscope:eqversion:3250

Trust: 1.9

vendor:brocademodel:silkwormscope:eqversion:3200

Trust: 1.9

vendor:engeniomodel:storage controllerscope:eqversion:5884

Trust: 1.3

vendor:engeniomodel:storage controllerscope:eqversion:4884

Trust: 1.3

vendor:engeniomodel:storage controllerscope:eqversion:2882

Trust: 1.3

vendor:engeniomodel:storage controllerscope:eqversion:2822

Trust: 1.3

vendor:broadcommodel:fabric operating systemscope:eqversion:2.1.2

Trust: 1.0

vendor:broadcommodel:fabric operating systemscope:eqversion:2.2

Trust: 1.0

vendor:broadcommodel:fabric operating systemscope:eqversion:3.1

Trust: 1.0

vendor:ibmmodel:ds4100scope:eqversion:*

Trust: 1.0

vendor:storagetekmodel:d280scope:eqversion:*

Trust: 1.0

vendor:storagetekmodel:d280scope: - version: -

Trust: 0.3

vendor:ibmmodel:ds4100scope: - version: -

Trust: 0.3

vendor:brocademodel:fabric osscope:eqversion:3.1

Trust: 0.3

vendor:brocademodel:fabric osscope:eqversion:2.2

Trust: 0.3

vendor:brocademodel:fabric osscope:eqversion:2.1.2

Trust: 0.3

sources: BID: 11108 // CNNVD: CNNVD-200409-010 // NVD: CVE-2004-1663

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-1663
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200409-010
value: MEDIUM

Trust: 0.6

VULHUB: VHN-10093
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-1663
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10093
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10093 // CNNVD: CNNVD-200409-010 // NVD: CVE-2004-1663

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1663

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200409-010

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200409-010

EXTERNAL IDS

db:BIDid:11108

Trust: 2.0

db:NVDid:CVE-2004-1663

Trust: 1.7

db:SECUNIAid:12464

Trust: 1.7

db:CNNVDid:CNNVD-200409-010

Trust: 0.7

db:VULHUBid:VHN-10093

Trust: 0.1

sources: VULHUB: VHN-10093 // BID: 11108 // CNNVD: CNNVD-200409-010 // NVD: CVE-2004-1663

REFERENCES

url:http://www.securityfocus.com/bid/11108

Trust: 1.7

url:http://secunia.com/advisories/12464

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/17290

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=109435831811484&w=2

Trust: 1.6

url:http://www.storagetek.com/products/category_page2004.html

Trust: 0.3

url:http://www.engenio.com/

Trust: 0.3

url:http://www.storage.ibm.com/disk/fastt/

Trust: 0.3

url:/archive/1/374246

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=109435831811484&w=2

Trust: 0.1

sources: VULHUB: VHN-10093 // BID: 11108 // CNNVD: CNNVD-200409-010 // NVD: CVE-2004-1663

CREDITS

Discovery is credited to Frank Denis.

Trust: 0.9

sources: BID: 11108 // CNNVD: CNNVD-200409-010

SOURCES

db:VULHUBid:VHN-10093
db:BIDid:11108
db:CNNVDid:CNNVD-200409-010
db:NVDid:CVE-2004-1663

LAST UPDATE DATE

2024-08-14T15:15:07.573000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-10093date:2017-07-11T00:00:00
db:BIDid:11108date:2004-09-04T00:00:00
db:CNNVDid:CNNVD-200409-010date:2021-06-27T00:00:00
db:NVDid:CVE-2004-1663date:2021-06-22T15:19:34.840

SOURCES RELEASE DATE

db:VULHUBid:VHN-10093date:2004-09-04T00:00:00
db:BIDid:11108date:2004-09-04T00:00:00
db:CNNVDid:CNNVD-200409-010date:2004-09-04T00:00:00
db:NVDid:CVE-2004-1663date:2004-09-04T04:00:00