Details of VAR-200512-0087

ID

VAR-200512-0087

CVE

CVE-2005-4275

TITLE

Scientific Atlanta DPX2100 Cable Modem LanD Packet Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 15870 // CNNVD: CNNVD-200512-336

DESCRIPTION

Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD), as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information. Scientific Atlanta DPX2100 cable modems are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users. Scientific Atlanta DPX2100 cable modems are reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected

Trust: 1.26

sources: NVD: CVE-2005-4275 // BID: 15870 // VULHUB: VHN-15483

AFFECTED PRODUCTS

vendor:	scientific atlanta	model:	dpx2100 cable modem	scope:	eq	version:	*	Trust: 1.0
vendor:	scientific atlanta	model:	dpx2100 cable modem	scope:	-	version:	-	Trust: 0.6
vendor:	scientific	model:	atlanta dpx2100	scope:	-	version:	-	Trust: 0.3

sources: BID: 15870 // CNNVD: CNNVD-200512-336 // NVD: CVE-2005-4275

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-4275
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200512-336
value:	HIGH
Trust: 0.6
VULHUB:	VHN-15483
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-4275
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-15483
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-15483 // CNNVD: CNNVD-200512-336 // NVD: CVE-2005-4275

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4275

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-336

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-336

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-15483

EXTERNAL IDS

db:	BID	id:	15870	Trust: 2.0
db:	NVD	id:	CVE-2005-4275	Trust: 1.7
db:	CNNVD	id:	CNNVD-200512-336	Trust: 0.7
db:	EXPLOIT-DB	id:	26835	Trust: 0.1
db:	VULHUB	id:	VHN-15483	Trust: 0.1

sources: VULHUB: VHN-15483 // BID: 15870 // CNNVD: CNNVD-200512-336 // NVD: CVE-2005-4275

REFERENCES

url:	http://www.securityfocus.com/bid/15870	Trust: 1.7
url:	http://www.scientificatlanta.com/consumers_new/cablemodems/index.htm	Trust: 0.3
url:	/archive/1/419520	Trust: 0.3

sources: VULHUB: VHN-15483 // BID: 15870 // CNNVD: CNNVD-200512-336 // NVD: CVE-2005-4275

CREDITS

Justin M. Wray

Trust: 0.6

sources: CNNVD: CNNVD-200512-336

SOURCES

db:	VULHUB	id:	VHN-15483
db:	BID	id:	15870
db:	CNNVD	id:	CNNVD-200512-336
db:	NVD	id:	CVE-2005-4275

LAST UPDATE DATE

2024-08-14T14:53:39.670000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-15483	date:	2008-09-05T00:00:00
db:	BID	id:	15870	date:	2005-12-14T00:00:00
db:	CNNVD	id:	CNNVD-200512-336	date:	2006-01-10T00:00:00
db:	NVD	id:	CVE-2005-4275	date:	2008-09-05T20:56:28.833

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-15483	date:	2005-12-16T00:00:00
db:	BID	id:	15870	date:	2005-12-14T00:00:00
db:	CNNVD	id:	CNNVD-200512-336	date:	2005-12-16T00:00:00
db:	NVD	id:	CVE-2005-4275	date:	2005-12-16T11:03:00