CVE-2001-0564 - APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows

CVE-2001-0564

Summary

APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card.

References

ftp://ftp.apcftp.com/hardware/webcard/firmware/sy/v310/install.txt
http://archives.neohapsis.com/archives/bugtraq/2001-02/0436.html
http://www.securityfocus.com/bid/2430
https://exchange.xforce.ibmcloud.com/vulnerabilities/6199

Vulnerable Configurations

cpe:2.3:h:apc:ap9606:-:*:*:*:*:*:*:*
cpe:2.3:h:apc:ap9606:-:*:*:*:*:*:*:*
cpe:2.3:h:apc:ap9606:3.0:*:*:*:*:*:*:*
cpe:2.3:h:apc:ap9606:3.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	2430
bugtraq	20010225 APC web/snmp/telnet management card dos
misc	ftp://ftp.apcftp.com/hardware/webcard/firmware/sy/v310/install.txt
xf	apc-telnet-dos(6199)

Last major update

10-10-2017 - 01:29

Published

22-08-2001 - 04:00

Last modified

10-10-2017 - 01:29