Details of VAR-200412-0377

ID

VAR-200412-0377

CVE

CVE-2004-2377

TITLE

Alcatel OmniSwitch 7000 Series Security Scan Denial of Service Attack Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2004-0571 // CNNVD: CNNVD-200412-127

DESCRIPTION

Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. Alcatel Omniswitch is a high-performance switch. The OmniSwitch 7000 series switch system has problems processing some types of network communications. Remote attackers can use this vulnerability to conduct denial of service attacks on the switch. When using Nessus for security scanning, it was found that the OmniSwitch 7000 series switches would be restarted, causing a denial of service. The problem is in the handling of scans by third-party security software. It has been reported that as a result of such scans, the switch reportedly reboots, impacting performance

Trust: 1.8

sources: NVD: CVE-2004-2377 // CNVD: CNVD-2004-0571 // BID: 9745 // VULHUB: VHN-10805

AFFECTED PRODUCTS

vendor:	alcatel	model:	omniswitch	scope:	eq	version:	7000	Trust: 1.6
vendor:	alcatel	model:	omniswitch 7800	scope:	eq	version:	*	Trust: 1.0
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	alcatel	model:	omniswitch 7800	scope:	-	version:	-	Trust: 0.6
vendor:	alcatel lucent	model:	omniswitch	scope:	eq	version:	78000	Trust: 0.3
vendor:	alcatel lucent	model:	omniswitch	scope:	eq	version:	77000	Trust: 0.3

sources: CNVD: CNVD-2004-0571 // BID: 9745 // CNNVD: CNNVD-200412-127 // NVD: CVE-2004-2377

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-2377
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200412-127
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-10805
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-2377
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10805
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10805 // CNNVD: CNNVD-200412-127 // NVD: CVE-2004-2377

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2377

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-127

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200412-127

EXTERNAL IDS

db:	NVD	id:	CVE-2004-2377	Trust: 2.3
db:	BID	id:	9745	Trust: 2.0
db:	SECUNIA	id:	10981	Trust: 1.7
db:	SECTRACK	id:	1009211	Trust: 1.7
db:	OSVDB	id:	4064	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-127	Trust: 0.7
db:	CNVD	id:	CNVD-2004-0571	Trust: 0.6
db:	XF	id:	15318	Trust: 0.6
db:	NSFOCUS	id:	6098	Trust: 0.6
db:	BUGTRAQ	id:	20040219 ALCATEL OMNISWITCH 7000 SERIES	Trust: 0.6
db:	VULHUB	id:	VHN-10805	Trust: 0.1

sources: CNVD: CNVD-2004-0571 // VULHUB: VHN-10805 // BID: 9745 // CNNVD: CNNVD-200412-127 // NVD: CVE-2004-2377

REFERENCES

url:	http://www.securityfocus.com/bid/9745	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/355134	Trust: 1.7
url:	http://www.osvdb.org/4064	Trust: 1.7
url:	http://securitytracker.com/id?1009211	Trust: 1.7
url:	http://secunia.com/advisories/10981	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/15318	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/15318	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/6098	Trust: 0.6
url:	http://www.ind.alcatel.com/products/index.cfm?cnt=omniswitch_7000	Trust: 0.3
url:	/archive/1/355134	Trust: 0.3

sources: VULHUB: VHN-10805 // BID: 9745 // CNNVD: CNNVD-200412-127 // NVD: CVE-2004-2377

CREDITS

Michael Shekman※ michaels80@ci.manchester.ct.us

Trust: 0.6

sources: CNNVD: CNNVD-200412-127

SOURCES

db:	CNVD	id:	CNVD-2004-0571
db:	VULHUB	id:	VHN-10805
db:	BID	id:	9745
db:	CNNVD	id:	CNNVD-200412-127
db:	NVD	id:	CVE-2004-2377

LAST UPDATE DATE

2024-08-14T14:59:24.440000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2004-0571	date:	2004-02-25T00:00:00
db:	VULHUB	id:	VHN-10805	date:	2017-07-11T00:00:00
db:	BID	id:	9745	date:	2004-02-25T00:00:00
db:	CNNVD	id:	CNNVD-200412-127	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-2377	date:	2017-07-11T01:31:50.670

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2004-0571	date:	2004-02-25T00:00:00
db:	VULHUB	id:	VHN-10805	date:	2004-12-31T00:00:00
db:	BID	id:	9745	date:	2004-02-25T00:00:00
db:	CNNVD	id:	CNNVD-200412-127	date:	2004-02-25T00:00:00
db:	NVD	id:	CVE-2004-2377	date:	2004-12-31T05:00:00