Vulnerability Description
MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mrv Communications | In Reach Lx 1000S | 3.5 |
| Mrv Communications | In Reach Lx 4000S | 3.5 |
| Mrv Communications | In Reach Lx 8000S | 3.5 |
References
- http://securitytracker.com/id?1014517
- http://www.securityfocus.com/archive/1/405546ExploitVendor Advisory
- http://www.securityfocus.com/bid/14300
- http://securitytracker.com/id?1014517
- http://www.securityfocus.com/archive/1/405546ExploitVendor Advisory
- http://www.securityfocus.com/bid/14300
FAQ
What is CVE-2005-2329?
CVE-2005-2329 is a vulnerability with a CVSS score of 4.6 (MEDIUM). MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to acc...
How severe is CVE-2005-2329?
CVE-2005-2329 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2329?
Check the references section above for vendor advisories and patch information. Affected products include: Mrv Communications In Reach Lx 1000S, Mrv Communications In Reach Lx 4000S, Mrv Communications In Reach Lx 8000S.