Vulnerabilities > CVE-2004-0674 - Denial Of Service vulnerability in Enterasys Xsr-1805, Xsr-1850 and Xsr-3000

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

enterasys

NVD

Published: 2004-08-06

Updated: 2017-07-11

Summary

Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set.

Vulnerable Configurations

Part	Description	Count
Hardware	Enterasys Enterasys XSR 1805 7.0.0.0 Enterasys XSR 1850 7.0.0.0 Enterasys XSR 3000 *	3

References

http://marc.info/?l=bugtraq&m=108886995627906&w=2
http://www.enterasys.com/support/security/incidents/2004/07/11036.html
http://www.securityfocus.com/bid/10653
https://exchange.xforce.ibmcloud.com/vulnerabilities/16616