Vulnerabilities > CVE-2002-0209 - Unspecified vulnerability in Nortel Alteon Acedirector 9.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
nortel
exploit available

Summary

Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.

Vulnerable Configurations

Part Description Count
Hardware
Nortel
1

Exploit-Db

descriptionAlteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty. CVE-2002-0209. Remote exploit for hardware platform
idEDB-ID:21243
last seen2016-02-02
modified2001-12-20
published2001-12-20
reporterDave Plonka
sourcehttps://www.exploit-db.com/download/21243/
titleAlteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty