VAR-200212-0098
Vulnerability from variot - Updated: 2023-12-18 12:47Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. An error has been reported in the embedded HTTP server. It has been reported that sending a HTTP request consisting of approximately 4000 characters of data will cause the device to reboot. This may result in an interruption of service for legitimate users of the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0098",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "access point service router 600",
"scope": "eq",
"trust": 1.0,
"vendor": "lucent",
"version": "*"
},
{
"model": "access point service router 300",
"scope": "eq",
"trust": 1.0,
"vendor": "lucent",
"version": "*"
},
{
"model": "access point service router 1500",
"scope": "eq",
"trust": 1.0,
"vendor": "lucent",
"version": "*"
},
{
"model": "access point service router 1500",
"scope": null,
"trust": 0.6,
"vendor": "lucent",
"version": null
},
{
"model": "access point service router 600",
"scope": null,
"trust": 0.6,
"vendor": "lucent",
"version": null
},
{
"model": "access point service router 300",
"scope": null,
"trust": 0.6,
"vendor": "lucent",
"version": null
},
{
"model": "access point service router",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "600"
},
{
"model": "access point service router",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "300"
},
{
"model": "access point service router",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "1500"
},
{
"model": "ap o/s",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "4.0"
},
{
"model": "ap o/s",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "3.1"
},
{
"model": "ap o/s r3",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "3.0"
},
{
"model": "ap o/s .0r.4.3",
"scope": "ne",
"trust": 0.3,
"vendor": "lucent",
"version": "2.5"
}
],
"sources": [
{
"db": "BID",
"id": "5333"
},
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lucent:access_point_service_router_300:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:access_point_service_router_1500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:lucent:access_point_service_router_600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2149"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Published by FX",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2149",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6532",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2149",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-658",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6532",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6532"
},
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. An error has been reported in the embedded HTTP server. \nIt has been reported that sending a HTTP request consisting of approximately 4000 characters of data will cause the device to reboot. This may result in an interruption of service for legitimate users of the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "BID",
"id": "5333"
},
{
"db": "VULHUB",
"id": "VHN-6532"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6532",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6532"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5333",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2149",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658",
"trust": 0.7
},
{
"db": "XF",
"id": "9705",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020727 PHENOELIT ADVISORY 0815 ++ // XEDIA",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75480",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21656",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6532",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6532"
},
{
"db": "BID",
"id": "5333"
},
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"id": "VAR-200212-0098",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6532"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:47:33.781000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2149"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5333"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/284649"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9705.php"
},
{
"trust": 0.3,
"url": "http://www.lucent.com/products/subcategory/0,,ctid+2017-stid+10472-locl+1,00.html"
},
{
"trust": 0.3,
"url": "http://www.phenoelit.de/stuff/lucent_xedia.txt"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6532"
},
{
"db": "BID",
"id": "5333"
},
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6532"
},
{
"db": "BID",
"id": "5333"
},
{
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6532"
},
{
"date": "2002-07-27T00:00:00",
"db": "BID",
"id": "5333"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6532"
},
{
"date": "2002-07-27T00:00:00",
"db": "BID",
"id": "5333"
},
{
"date": "2008-09-05T20:32:27.603000",
"db": "NVD",
"id": "CVE-2002-2149"
},
{
"date": "2006-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lucent Access Point IP Service router is very long HTTP Request service denial vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-658"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…