Details of VAR-200412-0303

ID

VAR-200412-0303

CVE

CVE-2004-2457

TITLE

3Com OfficeConnect ADSL Wireless 11g Firewall Router Remote Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 11685 // CNNVD: CNNVD-200412-816

DESCRIPTION

Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. This issue is due to a failure of the application to handle anomalous network traffic. An attacker may leverage this issue to cause the affected router to crash, denying service to legitimate users

Trust: 1.17

sources: NVD: CVE-2004-2457 // BID: 11685

AFFECTED PRODUCTS

vendor:	3com	model:	3crwe754g72-a	scope:	eq	version:	1.24	Trust: 1.6
vendor:	3com	model:	3crwe754g72-a	scope:	eq	version:	1.13	Trust: 1.6
vendor:	3com	model:	3crwe754g72-a	scope:	eq	version:	1.27	Trust: 1.6
vendor:	3com	model:	3crwe754g72-a	scope:	eq	version:	1.23	Trust: 1.6
vendor:	3com	model:	officeconnect adsl wireless 11g firewall router	scope:	eq	version:	1.27	Trust: 0.3
vendor:	3com	model:	officeconnect adsl wireless 11g firewall router	scope:	eq	version:	1.24	Trust: 0.3
vendor:	3com	model:	officeconnect adsl wireless 11g firewall router	scope:	eq	version:	1.23	Trust: 0.3
vendor:	3com	model:	officeconnect adsl wireless 11g firewall router	scope:	eq	version:	1.13	Trust: 0.3
vendor:	3com	model:	officeconnect adsl wireless 11g firewall router	scope:	ne	version:	1.2.15	Trust: 0.3

sources: BID: 11685 // CNNVD: CNNVD-200412-816 // NVD: CVE-2004-2457

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-2457
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200412-816
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2004-2457
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0

sources: CNNVD: CNNVD-200412-816 // NVD: CVE-2004-2457

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2457

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-816

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200412-816

EXTERNAL IDS

db:	BID	id:	11685	Trust: 1.9
db:	OSVDB	id:	11839	Trust: 1.6
db:	NVD	id:	CVE-2004-2457	Trust: 1.6
db:	XF	id:	3	Trust: 0.6
db:	XF	id:	18081	Trust: 0.6
db:	CNNVD	id:	CNNVD-200412-816	Trust: 0.6

sources: BID: 11685 // CNNVD: CNNVD-200412-816 // NVD: CVE-2004-2457

REFERENCES

url:	http://www.securityfocus.com/bid/11685	Trust: 1.6
url:	http://www.osvdb.org/11839	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/18081	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/18081	Trust: 0.6
url:	http://www.3com.com/products/en_us/detail.jsp?tab=features&pathtype=purchase&sku=3crwe754g72-a	Trust: 0.3
url:	http://www.3com.com/products/en_us/result.jsp?selected=all&sort=effdt&order=desc&sku=3crwe754g72-a	Trust: 0.3

sources: BID: 11685 // CNNVD: CNNVD-200412-816 // NVD: CVE-2004-2457

CREDITS

The individual responsible for the discovery of this issue is currently unknown; the vendor disclosed this issue.

Trust: 0.9

sources: BID: 11685 // CNNVD: CNNVD-200412-816

SOURCES

db:	BID	id:	11685
db:	CNNVD	id:	CNNVD-200412-816
db:	NVD	id:	CVE-2004-2457

LAST UPDATE DATE

2024-08-14T12:53:00.857000+00:00

SOURCES UPDATE DATE

db:	BID	id:	11685	date:	2004-11-16T00:00:00
db:	CNNVD	id:	CNNVD-200412-816	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-2457	date:	2017-07-11T01:31:54.873

SOURCES RELEASE DATE

db:	BID	id:	11685	date:	2004-11-16T00:00:00
db:	CNNVD	id:	CNNVD-200412-816	date:	2004-12-31T00:00:00
db:	NVD	id:	CVE-2004-2457	date:	2004-12-31T05:00:00