Vulnerability Description
Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Enterasys | Xsr-1805 | 7.0.0.0 |
| Enterasys | Xsr-1850 | 7.0.0.0 |
| Enterasys | Xsr-3000 | All versions |
References
- http://marc.info/?l=bugtraq&m=108886995627906&w=2
- http://www.enterasys.com/support/security/incidents/2004/07/11036.html
- http://www.securityfocus.com/bid/10653Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16616
- http://marc.info/?l=bugtraq&m=108886995627906&w=2
- http://www.enterasys.com/support/security/incidents/2004/07/11036.html
- http://www.securityfocus.com/bid/10653Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16616
FAQ
What is CVE-2004-0674?
CVE-2004-0674 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record ro...
How severe is CVE-2004-0674?
CVE-2004-0674 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0674?
Check the references section above for vendor advisories and patch information. Affected products include: Enterasys Xsr-1805, Enterasys Xsr-1850, Enterasys Xsr-3000.