var-200210-0084
Vulnerability from variot
Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. The ONS15454 is an optical network platform manufactured and distributed by Cisco. Under some circumstances, it may be possible to stop the ONS15454 from handling traffic. The receipt of this type of packet via the TCC interface causes the reset of the TCC interface. Solaris 9 is a UNIX operating system developed by Sun, which includes the rcp program for remote copying between hosts. The rcp program does not perform correct boundary checks when processing parameter data submitted by users. Local attackers can exploit this vulnerability to carry out buffer overflow attacks. There is a loophole in rcp's processing of super long command line parameters. The user submits a file name exceeding 10,000 bytes, and the destination host name and destination file name are used as parameters for the rcp program to execute, which may cause buffer overflow. Because rcp runs as suid root in the system Attribute installation, carefully constructed parameter data may allow an attacker to execute arbitrary instructions on the system with root privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
}
],
"sources": [
{
"db": "BID",
"id": "5058"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "alex medvedev\u203b alexm@pycckue.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0952",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0952",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5341",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0952",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-141",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5341",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5341"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. The ONS15454 is an optical network platform manufactured and distributed by Cisco. \nUnder some circumstances, it may be possible to stop the ONS15454 from handling traffic. The receipt of this type of packet via the TCC interface causes the reset of the TCC interface. Solaris 9 is a UNIX operating system developed by Sun, which includes the rcp program for remote copying between hosts. The rcp program does not perform correct boundary checks when processing parameter data submitted by users. Local attackers can exploit this vulnerability to carry out buffer overflow attacks. There is a loophole in rcp\u0027s processing of super long command line parameters. The user submits a file name exceeding 10,000 bytes, and the destination host name and destination file name are used as parameters for the rcp program to execute, which may cause buffer overflow. Because rcp runs as suid root in the system Attribute installation, carefully constructed parameter data may allow an attacker to execute arbitrary instructions on the system with root privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0952"
},
{
"db": "BID",
"id": "5058"
},
{
"db": "VULHUB",
"id": "VHN-5341"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5058",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0952",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141",
"trust": 0.7
},
{
"db": "XF",
"id": "9377",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020619 CISCO ONS15454 IP TOS BIT VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5341",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5341"
},
{
"db": "BID",
"id": "5058"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"id": "VAR-200210-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5341"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T23:15:25.008000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/5058"
},
{
"trust": 2.7,
"url": "http://www.cisco.com/warp/public/707/ons-tos-vuln-pub.shtml"
},
{
"trust": 2.7,
"url": "http://www.iss.net/security_center/static/9377.php"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/ong/15400/r33docs/sftuprgd/u2to33.htm"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/ong/15400/r33docs/sftuprgd/u3to33.htm"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5341"
},
{
"db": "BID",
"id": "5058"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5341"
},
{
"db": "BID",
"id": "5058"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5341"
},
{
"date": "2002-06-19T00:00:00",
"db": "BID",
"id": "5058"
},
{
"date": "2002-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-5341"
},
{
"date": "2002-06-19T00:00:00",
"db": "BID",
"id": "5058"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-141"
},
{
"date": "2024-11-20T23:40:15.323000",
"db": "NVD",
"id": "CVE-2002-0952"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sun Solaris rcp Command Line Parameter Local Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-141"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…