Vulnerabilities > CVE-2002-2148 - Information Disclosure vulnerability in Lucent products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

lucent

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.

Vulnerable Configurations

Part	Description	Count
Hardware	Lucent Lucent Ascend MAX Router 2.0 Lucent Ascend MAX Router 3.0 Lucent Ascend MAX Router 4.0 Lucent Ascend MAX Router 5.0 Lucent Ascend MAX Router 5.0_Ap48 Lucent Ascend Pipeline Router 1.0 Lucent Ascend Pipeline Router 2.0 Lucent Ascend Pipeline Router 3.0 Lucent Ascend Pipeline Router 4.0 Lucent Ascend Pipeline Router 5.0 Lucent Ascend Pipeline Router 6.0 Lucent Ascend Pipeline Router 6.0.2 Lucent Dslterminator *	13

Summary

Vulnerable Configurations

References