VAR-200212-0097
Vulnerability from variot - Updated: 2023-12-18 12:24Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. Several Lucent Router product lines include support for a configuration tool which communicates over UDP on port 9. If a specially crafted packet is sent to some of these devices on UDP port 9, a response is issued which contains sensitive information. This information may be of aid in further attacks against the network or device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "5.0"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "4.0"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "3.0"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "2.0"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "1.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "5.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "4.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "3.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 1.9,
"vendor": "lucent",
"version": "2.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 1.6,
"vendor": "lucent",
"version": "5.0_ap48"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.3,
"vendor": "lucent",
"version": "6.0.2"
},
{
"model": "ascend pipeline router",
"scope": "eq",
"trust": 1.3,
"vendor": "lucent",
"version": "6.0"
},
{
"model": "dslterminator",
"scope": "eq",
"trust": 1.0,
"vendor": "lucent",
"version": "*"
},
{
"model": "dslterminator",
"scope": null,
"trust": 0.3,
"vendor": "lucent",
"version": null
},
{
"model": "ascend max router ap48",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "5.0"
},
{
"model": "ascend max router",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "1.0"
},
{
"model": "pipeline .0a",
"scope": "eq",
"trust": 0.3,
"vendor": "ascend",
"version": "5.0"
},
{
"model": "max .0ap42",
"scope": "eq",
"trust": 0.3,
"vendor": "ascend",
"version": "5.0"
},
{
"model": "ascend tnt router",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "2.0.3"
},
{
"model": "ascend tnt router",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "2.0"
},
{
"model": "ascend tnt router",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "5335"
},
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_max_router:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_max_router:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_max_router:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_max_router:5.0_ap48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:dslterminator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_max_router:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:ascend_pipeline_router:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2148"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Published by FX",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2148",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6531",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2148",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2148",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-584",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6531",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2002-2148",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6531"
},
{
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. Several Lucent Router product lines include support for a configuration tool which communicates over UDP on port 9. \nIf a specially crafted packet is sent to some of these devices on UDP port 9, a response is issued which contains sensitive information. This information may be of aid in further attacks against the network or device",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "BID",
"id": "5335"
},
{
"db": "VULHUB",
"id": "VHN-6531"
},
{
"db": "VULMON",
"id": "CVE-2002-2148"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5335",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2002-2148",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584",
"trust": 0.7
},
{
"db": "XF",
"id": "9",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020727 PHENOELIT ADVISORY 0815 ++ ** ASCEND",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6531",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2002-2148",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6531"
},
{
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"db": "BID",
"id": "5335"
},
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"id": "VAR-200212-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6531"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:24:25.989000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2148"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/5335"
},
{
"trust": 1.8,
"url": "http://online.securityfocus.com/archive/1/284650"
},
{
"trust": 1.8,
"url": "http://www.iss.net/security_center/static/9704.php"
},
{
"trust": 0.3,
"url": "http://www.lucent.com"
},
{
"trust": 0.3,
"url": "http://www.phenoelit.de/stuff/lucent_ascend.txt"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6531"
},
{
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"db": "BID",
"id": "5335"
},
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6531"
},
{
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"db": "BID",
"id": "5335"
},
{
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6531"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"date": "2002-07-27T00:00:00",
"db": "BID",
"id": "5335"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6531"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2002-2148"
},
{
"date": "2002-07-27T00:00:00",
"db": "BID",
"id": "5335"
},
{
"date": "2008-09-05T20:32:27.417000",
"db": "NVD",
"id": "CVE-2002-2148"
},
{
"date": "2006-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lucent router UDP port 9 Information disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-584"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…