cvelistv5 - cve-2008-2169

cve-2008-2169

Vulnerability from cvelistv5

Published

2008-05-13 22:00

Modified

2024-09-16 18:09

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.kb.cert.org/vuls/id/929656	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/28999
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/929656	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28999

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:49:58.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28999",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28999"
          },
          {
            "name": "VU#929656",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/929656"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-05-13T22:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "28999",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28999"
        },
        {
          "name": "VU#929656",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/929656"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28999",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28999"
            },
            {
              "name": "VU#929656",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/929656"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2169",
    "datePublished": "2008-05-13T22:00:00Z",
    "dateReserved": "2008-05-13T00:00:00Z",
    "dateUpdated": "2024-09-16T18:09:06.825Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E16ECB5C-6C62-4EAB-B134-67E2FFB164A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22F02BA5-0229-44CC-99D7-FF31CA9C663A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D6C86A9-6415-4A3A-A55F-183613580279\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr2000:2b\\\\+:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECCC842D-D459-4049-A096-1900DD621A20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8670F404-9160-44E3-AF45-28ADB750388B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BE18FB6-E292-47B2-8FA2-74EE122C2B02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D377F14F-44AE-4D74-8C14-BA73AC77FDB7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en los routers Avici, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (sesi\\u00f3n ca\\u00edda) a trav\\u00e9s de mensajes BGP UPDATE manipulados, provocando cambio continuo de ruta (route flapping), posiblemente sea un problema relacionado con la CVE-2007-6372.\"}]",
      "id": "CVE-2008-2169",
      "lastModified": "2024-11-21T00:46:14.550",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-05-13T22:20:00.000",
      "references": "[{\"url\": \"http://www.kb.cert.org/vuls/id/929656\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/28999\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/929656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/28999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}, {\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2169\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-05-13T22:20:00.000\",\"lastModified\":\"2024-11-21T00:46:14.550\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en los routers Avici, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sesi\u00f3n ca\u00edda) a trav\u00e9s de mensajes BGP UPDATE manipulados, provocando cambio continuo de ruta (route flapping), posiblemente sea un problema relacionado con la CVE-2007-6372.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E16ECB5C-6C62-4EAB-B134-67E2FFB164A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22F02BA5-0229-44CC-99D7-FF31CA9C663A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D6C86A9-6415-4A3A-A55F-183613580279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr2000:2b\\\\+:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCC842D-D459-4049-A096-1900DD621A20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8670F404-9160-44E3-AF45-28ADB750388B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BE18FB6-E292-47B2-8FA2-74EE122C2B02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D377F14F-44AE-4D74-8C14-BA73AC77FDB7\"}]}]}],\"references\":[{\"url\":\"http://www.kb.cert.org/vuls/id/929656\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/28999\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/929656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/28999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. Avici Router In the case of route flapping, service disruption ( Session destruction ) There is a vulnerability that becomes a condition. Multiple vendors' BGP implementations are prone to a remote denial-of-service vulnerability that arises when the software handles specially crafted BGP packets. It has been assigned its own record because details regarding what technologies are vulnerable and how the various vendors have implemented BGP are not currently available. As more information emerges, we will create individual records to further document the vulnerability for the various vulnerable technologies. AlaxalA Networks AX series and Hitachi GR series are reported vulnerable to this issue. Unspecified technologies from Avici Systems, Inc., Century Systems Inc., and Yamaha Corporation are also reported vulnerable. Juniper Networks Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. There is a loophole in the implementation of the BGP protocol in JUNOS, and a remote attacker may take advantage of this loophole. ----------------------------------------------------------------------

Secunia Network Software Inspector 2.0 (NSI) - Public Beta

The Public Beta has ended. Thanks to all that participated.

Learn more: http://secunia.com/network_software_inspector_2/

TITLE: ALAXALA Networks AX Series BGP UPDATE Message Processing Denial of Service

SECUNIA ADVISORY ID: SA30054

VERIFY ADVISORY: http://secunia.com/advisories/30054/

CRITICAL: Moderately critical

IMPACT: DoS

WHERE:

From remote

OPERATING SYSTEM: ALAXALA Networks AX7800S Series http://secunia.com/product/5125/ ALAXALA Networks AX7800R Series http://secunia.com/product/5124/ ALAXALA Networks AX7700R http://secunia.com/product/11176/ ALAXALA Networks AX5400S Series http://secunia.com/product/5126/ ALAXALA Networks AX3600S Series http://secunia.com/product/11174/ ALAXALA Networks AX2400S Series http://secunia.com/product/11175/ ALAXALA Networks AX2000R Series http://secunia.com/product/11177/

DESCRIPTION: A vulnerability has been reported in ALAXALA Networks AX series, which can be exploited by malicious people to cause a DoS (Denial of Service).

SOLUTION: Restrict network access on affected systems.

PROVIDED AND/OR DISCOVERED BY: Reported via US-CERT.

ORIGINAL ADVISORY: US-CERT VU#929656: http://www.kb.cert.org/vuls/id/929656

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200805-0296",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "router",
        "scope": null,
        "trust": 1.4,
        "vendor": "avici",
        "version": null
      },
      {
        "model": "gr2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "1b"
      },
      {
        "model": "router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "avici",
        "version": "*"
      },
      {
        "model": "gr2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "2b\\+"
      },
      {
        "model": "gr2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "bh"
      },
      {
        "model": "gr3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "*"
      },
      {
        "model": "gr4000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "*"
      },
      {
        "model": "gr2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "hitachi",
        "version": "2b"
      },
      {
        "model": "gr4000",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "gr3000",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "gr2000-bh",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "gr2000-2b+",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "gr2000-2b",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "gr2000-1b",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "alaxala ax",
        "scope": null,
        "trust": 0.3,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "networks ax7800s",
        "scope": null,
        "trust": 0.3,
        "vendor": "alaxala",
        "version": null
      },
      {
        "model": "networks ax7800r",
        "scope": null,
        "trust": 0.3,
        "vendor": "alaxala",
        "version": null
      },
      {
        "model": "networks ax7700r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "alaxala",
        "version": "0"
      },
      {
        "model": "networks ax5400s",
        "scope": null,
        "trust": 0.3,
        "vendor": "alaxala",
        "version": null
      },
      {
        "model": "networks ax3600s",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "alaxala",
        "version": "0"
      },
      {
        "model": "networks ax2400s",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "alaxala",
        "version": "0"
      },
      {
        "model": "networks ax2000r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "alaxala",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "28999"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b\\+:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-2169",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2008-2169",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-32294",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-2169",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200805-124",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-32294",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. Avici Router In the case of route flapping, service disruption ( Session destruction ) There is a vulnerability that becomes a condition. Multiple vendors\u0027 BGP implementations are prone to a remote denial-of-service vulnerability that arises when the software handles specially crafted BGP packets. It has been assigned its own record because details regarding what technologies are vulnerable and how the various vendors have implemented BGP are not currently available. As more information emerges, we will create individual records to further document the vulnerability for the various vulnerable technologies. \nAlaxalA Networks AX series and Hitachi GR series are reported vulnerable to this issue. Unspecified technologies from Avici Systems, Inc., Century Systems Inc., and Yamaha Corporation are also reported vulnerable. Juniper Networks Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company\u0027s hardware system. The operating system provides a secure programming interface and Junos SDK. There is a loophole in the implementation of the BGP protocol in JUNOS, and a remote attacker may take advantage of this loophole. ----------------------------------------------------------------------\n\nSecunia Network Software Inspector 2.0 (NSI) - Public Beta\n\nThe Public Beta has ended. Thanks to all that participated. \n\nLearn more:\nhttp://secunia.com/network_software_inspector_2/\n\n----------------------------------------------------------------------\n\nTITLE:\nALAXALA Networks AX Series BGP UPDATE Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA30054\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/30054/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nALAXALA Networks AX7800S Series\nhttp://secunia.com/product/5125/\nALAXALA Networks AX7800R Series\nhttp://secunia.com/product/5124/\nALAXALA Networks AX7700R\nhttp://secunia.com/product/11176/\nALAXALA Networks AX5400S Series\nhttp://secunia.com/product/5126/\nALAXALA Networks AX3600S Series\nhttp://secunia.com/product/11174/\nALAXALA Networks AX2400S Series\nhttp://secunia.com/product/11175/\nALAXALA Networks AX2000R Series\nhttp://secunia.com/product/11177/\n\nDESCRIPTION:\nA vulnerability has been reported in ALAXALA Networks AX series,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService). \n\nSOLUTION:\nRestrict network access on affected systems. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported via US-CERT. \n\nORIGINAL ADVISORY:\nUS-CERT VU#929656:\nhttp://www.kb.cert.org/vuls/id/929656\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "BID",
        "id": "28999"
      },
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "PACKETSTORM",
        "id": "66123"
      },
      {
        "db": "PACKETSTORM",
        "id": "66130"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#929656",
        "trust": 3.0
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "28999",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "30054",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "30028",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-32294",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "66123",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "66130",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "BID",
        "id": "28999"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "PACKETSTORM",
        "id": "66123"
      },
      {
        "db": "PACKETSTORM",
        "id": "66130"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "id": "VAR-200805-0296",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:39:34.934000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://www.kb.cert.org/vuls/id/929656"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/28999"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2169"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2169"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/network_software_inspector_2/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5126/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11176/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11174/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11177/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30054/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5125/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11175/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5124/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30028/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5131/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5129/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "BID",
        "id": "28999"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "PACKETSTORM",
        "id": "66123"
      },
      {
        "db": "PACKETSTORM",
        "id": "66130"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "db": "BID",
        "id": "28999"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "db": "PACKETSTORM",
        "id": "66123"
      },
      {
        "db": "PACKETSTORM",
        "id": "66130"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-05-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "date": "2008-05-01T00:00:00",
        "db": "BID",
        "id": "28999"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "date": "2008-05-08T17:30:50",
        "db": "PACKETSTORM",
        "id": "66123"
      },
      {
        "date": "2008-05-08T17:30:50",
        "db": "PACKETSTORM",
        "id": "66130"
      },
      {
        "date": "2008-05-13T22:20:00",
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "date": "2007-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-09-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32294"
      },
      {
        "date": "2016-07-06T14:17:00",
        "db": "BID",
        "id": "28999"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      },
      {
        "date": "2008-09-05T04:00:00",
        "db": "NVD",
        "id": "CVE-2008-2169"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Avici Service disruption in routers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-003046"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200805-124"
      }
    ],
    "trust": 0.6
  }
}

gsd-2008-2169

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-2169

Aliases

CVE-2008-2169

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2169",
    "description": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.",
    "id": "GSD-2008-2169"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2169"
      ],
      "details": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.",
      "id": "GSD-2008-2169",
      "modified": "2023-12-13T01:23:00.952429Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2169",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "28999",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28999"
          },
          {
            "name": "VU#929656",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/929656"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr2000:2b\\+:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2169"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                },
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#929656",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/929656"
            },
            {
              "name": "28999",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28999"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-09-05T04:00Z",
      "publishedDate": "2008-05-13T22:20Z"
    }
  }
}

ghsa-w9j8-c5hv-crc7

Vulnerability from github

Published

2022-05-01 23:47

Modified

2022-05-01 23:47

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2169"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-13T22:20:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.",
  "id": "GHSA-w9j8-c5hv-crc7",
  "modified": "2022-05-01T23:47:12Z",
  "published": "2022-05-01T23:47:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2169"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/929656"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28999"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2008-2169

Vulnerability from fkie_nvd

Published

2008-05-13 22:20

Modified

2024-11-21 00:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.kb.cert.org/vuls/id/929656	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/28999
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/929656	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28999

Impacted products

Vendor	Product	Version
avici	router	*
hitachi	gr2000	1b
hitachi	gr2000	2b
hitachi	gr2000	2b\+
hitachi	gr2000	bh
hitachi	gr3000	*
hitachi	gr4000	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:avici:router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16ECB5C-6C62-4EAB-B134-67E2FFB164A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr2000:1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "22F02BA5-0229-44CC-99D7-FF31CA9C663A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr2000:2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6C86A9-6415-4A3A-A55F-183613580279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr2000:2b\\+:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECCC842D-D459-4049-A096-1900DD621A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr2000:bh:*:*:*:*:*:*:*",
              "matchCriteriaId": "8670F404-9160-44E3-AF45-28ADB750388B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BE18FB6-E292-47B2-8FA2-74EE122C2B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D377F14F-44AE-4D74-8C14-BA73AC77FDB7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en los routers Avici, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sesi\u00f3n ca\u00edda) a trav\u00e9s de mensajes BGP UPDATE manipulados, provocando cambio continuo de ruta (route flapping), posiblemente sea un problema relacionado con la CVE-2007-6372."
    }
  ],
  "id": "CVE-2008-2169",
  "lastModified": "2024-11-21T00:46:14.550",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-13T22:20:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/929656"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/929656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28999"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-2169

Vulnerability from cvelistv5

var-200805-0296

Vulnerability from variot

gsd-2008-2169

Vulnerability from gsd

ghsa-w9j8-c5hv-crc7

Vulnerability from github

cve-2008-2169

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature