Vulnerability Description
Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lucent | Ascend Max Router | 2.0 |
| Lucent | Ascend Pipeline Router | 1.0 |
| Lucent | Dslterminator | All versions |
References
- http://online.securityfocus.com/archive/1/284650
- http://www.iss.net/security_center/static/9704.php
- http://www.securityfocus.com/bid/5335
- http://online.securityfocus.com/archive/1/284650
- http://www.iss.net/security_center/static/9704.php
- http://www.securityfocus.com/bid/5335
FAQ
What is CVE-2002-2148?
CVE-2002-2148 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP...
How severe is CVE-2002-2148?
CVE-2002-2148 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2148?
Check the references section above for vendor advisories and patch information. Affected products include: Lucent Ascend Max Router, Lucent Ascend Pipeline Router, Lucent Dslterminator.