VAR-200412-0377
Vulnerability from variot - Updated: 2023-12-18 12:59Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. Alcatel Omniswitch is a high-performance switch.
The OmniSwitch 7000 series switch system has problems processing some types of network communications. Remote attackers can use this vulnerability to conduct denial of service attacks on the switch.
When using Nessus for security scanning, it was found that the OmniSwitch 7000 series switches would be restarted, causing a denial of service. The problem is in the handling of scans by third-party security software. It has been reported that as a result of such scans, the switch reportedly reboots, impacting performance
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0377",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "omniswitch",
"scope": "eq",
"trust": 1.6,
"vendor": "alcatel",
"version": "7000"
},
{
"model": "omniswitch 7800",
"scope": "eq",
"trust": 1.0,
"vendor": "alcatel",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "omniswitch 7800",
"scope": null,
"trust": 0.6,
"vendor": "alcatel",
"version": null
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "78000"
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "77000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"db": "BID",
"id": "9745"
},
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:alcatel:omniswitch_7800:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:alcatel:omniswitch:7000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2377"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Shekman\u203b michaels80@ci.manchester.ct.us",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2377",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10805",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2377",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-127",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10805",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10805"
},
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. Alcatel Omniswitch is a high-performance switch. \n\n\u00a0The OmniSwitch 7000 series switch system has problems processing some types of network communications. Remote attackers can use this vulnerability to conduct denial of service attacks on the switch. \n\n\u00a0When using Nessus for security scanning, it was found that the OmniSwitch 7000 series switches would be restarted, causing a denial of service. \nThe problem is in the handling of scans by third-party security software. It has been reported that as a result of such scans, the switch reportedly reboots, impacting performance",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"db": "BID",
"id": "9745"
},
{
"db": "VULHUB",
"id": "VHN-10805"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-2377",
"trust": 2.3
},
{
"db": "BID",
"id": "9745",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "10981",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1009211",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "4064",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2004-0571",
"trust": 0.6
},
{
"db": "XF",
"id": "15318",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6098",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040219 ALCATEL OMNISWITCH 7000 SERIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10805",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"db": "VULHUB",
"id": "VHN-10805"
},
{
"db": "BID",
"id": "9745"
},
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"id": "VAR-200412-0377",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10805"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:59:36.234000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2377"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/9745"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/355134"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4064"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1009211"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/10981"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15318"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15318"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6098"
},
{
"trust": 0.3,
"url": "http://www.ind.alcatel.com/products/index.cfm?cnt=omniswitch_7000"
},
{
"trust": 0.3,
"url": "/archive/1/355134"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10805"
},
{
"db": "BID",
"id": "9745"
},
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"db": "VULHUB",
"id": "VHN-10805"
},
{
"db": "BID",
"id": "9745"
},
{
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10805"
},
{
"date": "2004-02-25T00:00:00",
"db": "BID",
"id": "9745"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"date": "2004-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10805"
},
{
"date": "2004-02-25T00:00:00",
"db": "BID",
"id": "9745"
},
{
"date": "2017-07-11T01:31:50.670000",
"db": "NVD",
"id": "CVE-2004-2377"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alcatel OmniSwitch 7000 Series Security Scan Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-0571"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-127"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…