Details of VAR-200203-0075

ID

VAR-200203-0075

CVE

CVE-2002-0127

TITLE

NetGear RP114 Router WAN Interface Remote Denial of Service Attack Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2002-0071 // CNNVD: CNNVD-200203-085

DESCRIPTION

Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port. The Netgear RP114 Cable / DSL Web Safe router allows some users to share cable / DSL connections and provides address translation capabilities. A similar situation may occur in other configuration situations, and it may be the problem for all routers with firmware versions earlier than 3.26. All incoming/outgoing communication across the WAN port will cease for the duration of the port scan. This condition has reportedly also been reproduced with other configurations. This issue may affect firmware releases other than v3.26. < *Link: http://archives.neohapsis.com/archives/bugtraq/2002-01/0183.html* >

Trust: 1.8

sources: NVD: CVE-2002-0127 // CNVD: CNVD-2002-0071 // BID: 3876 // VULHUB: VHN-4522

AFFECTED PRODUCTS

vendor:	netgear	model:	rp114	scope:	eq	version:	3.26	Trust: 1.9
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2002-0071 // BID: 3876 // CNNVD: CNNVD-200203-085 // NVD: CVE-2002-0127

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0127
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200203-085
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-4522
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-0127
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-4522
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-4522 // CNNVD: CNNVD-200203-085 // NVD: CVE-2002-0127

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0127

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200203-085

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200203-085

EXTERNAL IDS

db:	NVD	id:	CVE-2002-0127	Trust: 2.6
db:	BID	id:	3876	Trust: 2.0
db:	CNNVD	id:	CNNVD-200203-085	Trust: 0.7
db:	CNVD	id:	CNVD-2002-0071	Trust: 0.6
db:	BUGTRAQ	id:	20020115 VULNERABILITY NETGEAR RP-114 ROUTER - NMAP CAUSES DOS	Trust: 0.6
db:	VULHUB	id:	VHN-4522	Trust: 0.1

sources: CNVD: CNVD-2002-0071 // VULHUB: VHN-4522 // BID: 3876 // CNNVD: CNNVD-200203-085 // NVD: CVE-2002-0127

REFERENCES

url:	http://www.securityfocus.com/bid/3876	Trust: 1.7
url:	http://online.securityfocus.com/archive/1/250405	Trust: 1.7
url:	http://www.netgear.com/product_view.asp?xrp=4&yrp=12&zrp=93	Trust: 0.3

sources: VULHUB: VHN-4522 // BID: 3876 // CNNVD: CNNVD-200203-085 // NVD: CVE-2002-0127

CREDITS

This vulnerability was submitted to BugTraq on January 15th, 2002 by "Omkhar Arasaratnam" <omkhar@rogers.com>.

Trust: 0.3

sources: BID: 3876

SOURCES

db:	CNVD	id:	CNVD-2002-0071
db:	VULHUB	id:	VHN-4522
db:	BID	id:	3876
db:	CNNVD	id:	CNNVD-200203-085
db:	NVD	id:	CVE-2002-0127

LAST UPDATE DATE

2025-04-03T22:24:16.480000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2002-0071	date:	2002-01-18T00:00:00
db:	VULHUB	id:	VHN-4522	date:	2008-11-04T00:00:00
db:	BID	id:	3876	date:	2009-07-11T09:56:00
db:	CNNVD	id:	CNNVD-200203-085	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-0127	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2002-0071	date:	2002-01-15T00:00:00
db:	VULHUB	id:	VHN-4522	date:	2002-03-25T00:00:00
db:	BID	id:	3876	date:	2002-01-15T00:00:00
db:	CNNVD	id:	CNNVD-200203-085	date:	2002-01-15T00:00:00
db:	NVD	id:	CVE-2002-0127	date:	2002-03-25T05:00:00