VAR-200409-0059
Vulnerability from variot - Updated: 2023-12-18 13:21Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. It is reported that hardware based on Engenio Storage Controllers are prone to a remote denial of service vulnerability. This could also result reportedly result in unrecoverable corruption of data. Affected hardware includes Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches. Other devices may be affected such as other Storagetek and IBM FastT storage controllers, SGI, and Teradata storage controllers though this has not confirmed. The problem may exist in the underlying vxWorks operating system though this has also not been confirmed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200409-0059",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "silkworm fiber channel switch",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "2050"
},
{
"model": "silkworm fiber channel switch",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "2040"
},
{
"model": "silkworm fiber channel switch",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "2010"
},
{
"model": "silkworm",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "3900"
},
{
"model": "silkworm",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "3850"
},
{
"model": "silkworm",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "3800"
},
{
"model": "silkworm",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "3250"
},
{
"model": "silkworm",
"scope": "eq",
"trust": 1.9,
"vendor": "brocade",
"version": "3200"
},
{
"model": "storage controller",
"scope": "eq",
"trust": 1.3,
"vendor": "engenio",
"version": "5884"
},
{
"model": "storage controller",
"scope": "eq",
"trust": 1.3,
"vendor": "engenio",
"version": "4884"
},
{
"model": "storage controller",
"scope": "eq",
"trust": 1.3,
"vendor": "engenio",
"version": "2882"
},
{
"model": "storage controller",
"scope": "eq",
"trust": 1.3,
"vendor": "engenio",
"version": "2822"
},
{
"model": "fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1.2"
},
{
"model": "fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "d280",
"scope": "eq",
"trust": 1.0,
"vendor": "storagetek",
"version": "*"
},
{
"model": "ds4100",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "d280",
"scope": null,
"trust": 0.3,
"vendor": "storagetek",
"version": null
},
{
"model": "ds4100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fabric os",
"scope": "eq",
"trust": 0.3,
"vendor": "brocade",
"version": "3.1"
},
{
"model": "fabric os",
"scope": "eq",
"trust": 0.3,
"vendor": "brocade",
"version": "2.2"
},
{
"model": "fabric os",
"scope": "eq",
"trust": 0.3,
"vendor": "brocade",
"version": "2.1.2"
}
],
"sources": [
{
"db": "BID",
"id": "11108"
},
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm:3200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm:3250:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:engenio:storage_controller:2882:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:engenio:storage_controller:4884:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm_fiber_channel_switch:2040:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm_fiber_channel_switch:2050:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:engenio:storage_controller:2822:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:broadcom:fabric_operating_system:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:broadcom:fabric_operating_system:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm:3900:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm_fiber_channel_switch:2010:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:storagetek:d280:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:broadcom:fabric_operating_system:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm:3800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:brocade:silkworm:3850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:engenio:storage_controller:5884:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:ibm:ds4100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1663"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Frank Denis.",
"sources": [
{
"db": "BID",
"id": "11108"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
],
"trust": 0.9
},
"cve": "CVE-2004-1663",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10093",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1663",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200409-010",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10093",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10093"
},
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. It is reported that hardware based on Engenio Storage Controllers are prone to a remote denial of service vulnerability. This could also result reportedly result in unrecoverable corruption of data. \nAffected hardware includes Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches. Other devices may be affected such as other Storagetek and IBM FastT storage controllers, SGI, and Teradata storage controllers though this has not confirmed. The problem may exist in the underlying vxWorks operating system though this has also not been confirmed",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "BID",
"id": "11108"
},
{
"db": "VULHUB",
"id": "VHN-10093"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11108",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1663",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "12464",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-10093",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10093"
},
{
"db": "BID",
"id": "11108"
},
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"id": "VAR-200409-0059",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10093"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:21:14.643000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1663"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11108"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12464"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17290"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=109435831811484\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.storagetek.com/products/category_page2004.html"
},
{
"trust": 0.3,
"url": "http://www.engenio.com/"
},
{
"trust": 0.3,
"url": "http://www.storage.ibm.com/disk/fastt/"
},
{
"trust": 0.3,
"url": "/archive/1/374246"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=109435831811484\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10093"
},
{
"db": "BID",
"id": "11108"
},
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10093"
},
{
"db": "BID",
"id": "11108"
},
{
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-10093"
},
{
"date": "2004-09-04T00:00:00",
"db": "BID",
"id": "11108"
},
{
"date": "2004-09-04T04:00:00",
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"date": "2004-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10093"
},
{
"date": "2004-09-04T00:00:00",
"db": "BID",
"id": "11108"
},
{
"date": "2021-06-22T15:19:34.840000",
"db": "NVD",
"id": "CVE-2004-1663"
},
{
"date": "2021-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LSI Logic storage controllers Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200409-010"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…