Sign-up

ID

VAR-200508-0211


CVE

CVE-2005-2487


TITLE

McDATA E/OS Remote Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 14475 // CNNVD: CNNVD-200508-077

DESCRIPTION

Unknown vulnerability in Sun McData switches and directors 4300, 4500, 6064, and 6140 before E/OS 6.0.0 may allow attackers to cause a denial of service (connectivity and array access loss) via a network broadcast storm. McDATA Sphereon 4300, and 4500 Fabric Switches, Intrepid 6064, and 6140 Director Switches are susceptible to a remote denial of service vulnerability when running E/OS versions prior to 6.0.0. This issue is due to the affected devices failing to properly handle network broadcast storms. Hosts utilizing the SAN for storage may loose complete access to the attached storage. This vulnerability allows attackers to simultaneously deny storage service to potentially numerous servers connected to a SAN. Versions of E/OS prior to 6.0.0 are affected by this vulnerability. There are unknown vulnerabilities in Sun McData switches and director4300, 4500, 6064 and 6140, and versions before E/OS 6.0.0. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: McDATA Switches / Directors Network Broadcast Storm Denial of Service SECUNIA ADVISORY ID: SA16295 VERIFY ADVISORY: http://secunia.com/advisories/16295/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: McDATA Sphereon 4300 Fabric Switch http://secunia.com/product/5484/ McDATA Intrepid 6140 Director http://secunia.com/product/5485/ McDATA Intrepid 6064 Director http://secunia.com/product/5486/ McDATA Sphereon 4500 Fabric Switch http://secunia.com/product/5483/ DESCRIPTION: A vulnerability has been reported in McDATA Switches and Directors, which can be exploited by malicious people to cause a DoS (Denial of Service). This can lead to multiple path failures and loss of host access to the array. PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: Sun Microsystems: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101833-1 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-2487 // BID: 14475 // VULHUB: VHN-13696 // PACKETSTORM: 38994

AFFECTED PRODUCTS

vendor:mcdatamodel:intrepid 6140 director switchscope:eqversion:*

Trust: 1.0

vendor:mcdatamodel:intrepid 6064 director switchscope:eqversion:*

Trust: 1.0

vendor:mcdatamodel:sphereon 4500 fabric switchscope:eqversion:*

Trust: 1.0

vendor:mcdatamodel:sphereon 4300 fabric switchscope:eqversion:*

Trust: 1.0

vendor:mcdatamodel:sphereon 4300 fabric switchscope: - version: -

Trust: 0.6

vendor:mcdatamodel:intrepid 6064 director switchscope: - version: -

Trust: 0.6

vendor:mcdatamodel:intrepid 6140 director switchscope: - version: -

Trust: 0.6

vendor:mcdatamodel:sphereon 4500 fabric switchscope: - version: -

Trust: 0.6

vendor:mcdatamodel:sphereon fabric switchscope:eqversion:4500

Trust: 0.3

vendor:mcdatamodel:sphereon fabric switchscope:eqversion:4300

Trust: 0.3

vendor:mcdatamodel:intrepid director switchscope:eqversion:6140

Trust: 0.3

vendor:mcdatamodel:intrepid director switchscope:eqversion:6064

Trust: 0.3

vendor:mcdatamodel:e/osscope: - version: -

Trust: 0.3

vendor:mcdatamodel:e/osscope:neversion:7.01.00

Trust: 0.3

vendor:mcdatamodel:e/osscope:neversion:6.0.0

Trust: 0.3

sources: BID: 14475 // CNNVD: CNNVD-200508-077 // NVD: CVE-2005-2487

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-2487
value: LOW

Trust: 1.0

CNNVD: CNNVD-200508-077
value: LOW

Trust: 0.6

VULHUB: VHN-13696
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2005-2487
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-13696
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-13696 // CNNVD: CNNVD-200508-077 // NVD: CVE-2005-2487

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2487

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200508-077

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200508-077

EXTERNAL IDS

db:BIDid:14475

Trust: 2.0

db:SECUNIAid:16295

Trust: 1.8

db:NVDid:CVE-2005-2487

Trust: 1.7

db:CNNVDid:CNNVD-200508-077

Trust: 0.7

db:SUNALERTid:101833

Trust: 0.6

db:XFid:21706

Trust: 0.6

db:VULHUBid:VHN-13696

Trust: 0.1

db:PACKETSTORMid:38994

Trust: 0.1

sources: VULHUB: VHN-13696 // BID: 14475 // PACKETSTORM: 38994 // CNNVD: CNNVD-200508-077 // NVD: CVE-2005-2487

REFERENCES

url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101833-1

Trust: 2.1

url:http://www.securityfocus.com/bid/14475

Trust: 1.7

url:http://secunia.com/advisories/16295

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/21706

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/21706

Trust: 0.6

url:http://www.mcdata.com/

Trust: 0.3

url:http://secunia.com/product/5484/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/5486/

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/advisories/16295/

Trust: 0.1

url:http://secunia.com/product/5483/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/5485/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-13696 // BID: 14475 // PACKETSTORM: 38994 // CNNVD: CNNVD-200508-077 // NVD: CVE-2005-2487

CREDITS

Sun

Trust: 0.6

sources: CNNVD: CNNVD-200508-077

SOURCES

db:VULHUBid:VHN-13696
db:BIDid:14475
db:PACKETSTORMid:38994
db:CNNVDid:CNNVD-200508-077
db:NVDid:CVE-2005-2487

LAST UPDATE DATE

2024-08-14T14:35:43.339000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-13696date:2017-07-11T00:00:00
db:BIDid:14475date:2005-08-04T00:00:00
db:CNNVDid:CNNVD-200508-077date:2005-10-20T00:00:00
db:NVDid:CVE-2005-2487date:2017-07-11T01:32:52.657

SOURCES RELEASE DATE

db:VULHUBid:VHN-13696date:2005-08-07T00:00:00
db:BIDid:14475date:2005-08-04T00:00:00
db:PACKETSTORMid:38994date:2005-08-05T04:52:53
db:CNNVDid:CNNVD-200508-077date:2005-08-07T00:00:00
db:NVDid:CVE-2005-2487date:2005-08-07T04:00:00