Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1147

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2002-1147
Last Modified 10 Sep 2008 03:13:57
Published 11 Oct 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-1147

Summary

The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program.

Vulnerable Systems


References

BUGTRAQ - 20020924 HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability

MISC - http://www.tech-serve.com/research/advisories/2002/a092302-1.txt

BID - 5784

XF - hp-procurve-http-reset-dos(10172)

HP - HPSBUX0209-219


Last Updated: 27 May 2016 10:37:12