All the vulnerabilites related to avici - router
var-200805-0296
Vulnerability from variot
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. Avici Router In the case of route flapping, service disruption ( Session destruction ) There is a vulnerability that becomes a condition. Multiple vendors' BGP implementations are prone to a remote denial-of-service vulnerability that arises when the software handles specially crafted BGP packets. It has been assigned its own record because details regarding what technologies are vulnerable and how the various vendors have implemented BGP are not currently available. As more information emerges, we will create individual records to further document the vulnerability for the various vulnerable technologies. AlaxalA Networks AX series and Hitachi GR series are reported vulnerable to this issue. Unspecified technologies from Avici Systems, Inc., Century Systems Inc., and Yamaha Corporation are also reported vulnerable. Juniper Networks Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. There is a loophole in the implementation of the BGP protocol in JUNOS, and a remote attacker may take advantage of this loophole. ----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
The Public Beta has ended. Thanks to all that participated.
Learn more: http://secunia.com/network_software_inspector_2/
TITLE: ALAXALA Networks AX Series BGP UPDATE Message Processing Denial of Service
SECUNIA ADVISORY ID: SA30054
VERIFY ADVISORY: http://secunia.com/advisories/30054/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: ALAXALA Networks AX7800S Series http://secunia.com/product/5125/ ALAXALA Networks AX7800R Series http://secunia.com/product/5124/ ALAXALA Networks AX7700R http://secunia.com/product/11176/ ALAXALA Networks AX5400S Series http://secunia.com/product/5126/ ALAXALA Networks AX3600S Series http://secunia.com/product/11174/ ALAXALA Networks AX2400S Series http://secunia.com/product/11175/ ALAXALA Networks AX2000R Series http://secunia.com/product/11177/
DESCRIPTION: A vulnerability has been reported in ALAXALA Networks AX series, which can be exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION: Restrict network access on affected systems.
PROVIDED AND/OR DISCOVERED BY: Reported via US-CERT.
ORIGINAL ADVISORY: US-CERT VU#929656: http://www.kb.cert.org/vuls/id/929656
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200805-0296",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "router",
"scope": null,
"trust": 1.4,
"vendor": "avici",
"version": null
},
{
"model": "gr2000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "1b"
},
{
"model": "router",
"scope": "eq",
"trust": 1.0,
"vendor": "avici",
"version": "*"
},
{
"model": "gr2000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "2b\\+"
},
{
"model": "gr2000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "bh"
},
{
"model": "gr3000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "*"
},
{
"model": "gr4000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "*"
},
{
"model": "gr2000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "2b"
},
{
"model": "gr4000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "gr3000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "gr2000-bh",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "gr2000-2b+",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "gr2000-2b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "gr2000-1b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "alaxala ax",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "networks ax7800s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "networks ax7800r",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "networks ax7700r",
"scope": "eq",
"trust": 0.3,
"vendor": "alaxala",
"version": "0"
},
{
"model": "networks ax5400s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "networks ax3600s",
"scope": "eq",
"trust": 0.3,
"vendor": "alaxala",
"version": "0"
},
{
"model": "networks ax2400s",
"scope": "eq",
"trust": 0.3,
"vendor": "alaxala",
"version": "0"
},
{
"model": "networks ax2000r",
"scope": "eq",
"trust": 0.3,
"vendor": "alaxala",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "28999"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b\\+:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2169"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Networks",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
],
"trust": 0.6
},
"cve": "CVE-2008-2169",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-2169",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-32294",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-2169",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200805-124",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-32294",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. Avici Router In the case of route flapping, service disruption ( Session destruction ) There is a vulnerability that becomes a condition. Multiple vendors\u0027 BGP implementations are prone to a remote denial-of-service vulnerability that arises when the software handles specially crafted BGP packets. It has been assigned its own record because details regarding what technologies are vulnerable and how the various vendors have implemented BGP are not currently available. As more information emerges, we will create individual records to further document the vulnerability for the various vulnerable technologies. \nAlaxalA Networks AX series and Hitachi GR series are reported vulnerable to this issue. Unspecified technologies from Avici Systems, Inc., Century Systems Inc., and Yamaha Corporation are also reported vulnerable. Juniper Networks Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company\u0027s hardware system. The operating system provides a secure programming interface and Junos SDK. There is a loophole in the implementation of the BGP protocol in JUNOS, and a remote attacker may take advantage of this loophole. ----------------------------------------------------------------------\n\nSecunia Network Software Inspector 2.0 (NSI) - Public Beta\n\nThe Public Beta has ended. Thanks to all that participated. \n\nLearn more:\nhttp://secunia.com/network_software_inspector_2/\n\n----------------------------------------------------------------------\n\nTITLE:\nALAXALA Networks AX Series BGP UPDATE Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA30054\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/30054/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nALAXALA Networks AX7800S Series\nhttp://secunia.com/product/5125/\nALAXALA Networks AX7800R Series\nhttp://secunia.com/product/5124/\nALAXALA Networks AX7700R\nhttp://secunia.com/product/11176/\nALAXALA Networks AX5400S Series\nhttp://secunia.com/product/5126/\nALAXALA Networks AX3600S Series\nhttp://secunia.com/product/11174/\nALAXALA Networks AX2400S Series\nhttp://secunia.com/product/11175/\nALAXALA Networks AX2000R Series\nhttp://secunia.com/product/11177/\n\nDESCRIPTION:\nA vulnerability has been reported in ALAXALA Networks AX series,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService). \n\nSOLUTION:\nRestrict network access on affected systems. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported via US-CERT. \n\nORIGINAL ADVISORY:\nUS-CERT VU#929656:\nhttp://www.kb.cert.org/vuls/id/929656\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "BID",
"id": "28999"
},
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "PACKETSTORM",
"id": "66123"
},
{
"db": "PACKETSTORM",
"id": "66130"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#929656",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2008-2169",
"trust": 2.8
},
{
"db": "BID",
"id": "28999",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "30054",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "30028",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-32294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "66123",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "66130",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "BID",
"id": "28999"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "PACKETSTORM",
"id": "66123"
},
{
"db": "PACKETSTORM",
"id": "66130"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"id": "VAR-200805-0296",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-32294"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:39:34.934000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/929656"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/28999"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2169"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2169"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/network_software_inspector_2/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5126/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11177/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30054/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5125/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11175/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5124/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30028/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5131/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5129/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "BID",
"id": "28999"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "PACKETSTORM",
"id": "66123"
},
{
"db": "PACKETSTORM",
"id": "66130"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-32294"
},
{
"db": "BID",
"id": "28999"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"db": "PACKETSTORM",
"id": "66123"
},
{
"db": "PACKETSTORM",
"id": "66130"
},
{
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-32294"
},
{
"date": "2008-05-01T00:00:00",
"db": "BID",
"id": "28999"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"date": "2008-05-08T17:30:50",
"db": "PACKETSTORM",
"id": "66123"
},
{
"date": "2008-05-08T17:30:50",
"db": "PACKETSTORM",
"id": "66130"
},
{
"date": "2008-05-13T22:20:00",
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"date": "2007-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-32294"
},
{
"date": "2016-07-06T14:17:00",
"db": "BID",
"id": "28999"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003046"
},
{
"date": "2008-09-05T04:00:00",
"db": "NVD",
"id": "CVE-2008-2169"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Avici Service disruption in routers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003046"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200805-124"
}
],
"trust": 0.6
}
}
cve-2008-2169
Vulnerability from cvelistv5
Published
2008-05-13 22:00
Modified
2024-09-16 18:09
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/28999 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/929656 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28999",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28999"
},
{
"name": "VU#929656",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/929656"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-05-13T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28999",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28999"
},
{
"name": "VU#929656",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/929656"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28999",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28999"
},
{
"name": "VU#929656",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/929656"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2169",
"datePublished": "2008-05-13T22:00:00Z",
"dateReserved": "2008-05-13T00:00:00Z",
"dateUpdated": "2024-09-16T18:09:06.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-05-13 22:20
Modified
2024-11-21 00:46
Severity ?
Summary
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16ECB5C-6C62-4EAB-B134-67E2FFB164A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*",
"matchCriteriaId": "22F02BA5-0229-44CC-99D7-FF31CA9C663A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6C86A9-6415-4A3A-A55F-183613580279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr2000:2b\\+:*:*:*:*:*:*:*",
"matchCriteriaId": "ECCC842D-D459-4049-A096-1900DD621A20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*",
"matchCriteriaId": "8670F404-9160-44E3-AF45-28ADB750388B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE18FB6-E292-47B2-8FA2-74EE122C2B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D377F14F-44AE-4D74-8C14-BA73AC77FDB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en los routers Avici, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sesi\u00f3n ca\u00edda) a trav\u00e9s de mensajes BGP UPDATE manipulados, provocando cambio continuo de ruta (route flapping), posiblemente sea un problema relacionado con la CVE-2007-6372."
}
],
"id": "CVE-2008-2169",
"lastModified": "2024-11-21T00:46:14.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-13T22:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/929656"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/929656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28999"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}