Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0209


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0209
Last Modified 10 Sep 2008 08:00:43
Published 16 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.

Vulnerable Systems


XF - acedirector-http-reveal-ip(8010)

BUGTRAQ - 20020125 Alteon ACEdirector signature/security bug

BID - 3964

BUGTRAQ - 20020312 Re: Alteon ACEdirector signature/security bug

Last Updated: 27 May 2016 10:36:50