Details of VAR-200304-0096

ID

VAR-200304-0096

CVE

CVE-2002-1426

TITLE

HP ProCurve Switch write specific SNMP Branch Remote Denial of Service Attack Vulnerability

Trust: 0.8

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // CNNVD: CNNVD-200304-085

DESCRIPTION

HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. HP ProCurve 4000M Switch is a high-performance switch issued by HP. The HP ProCurve 4000M switch has a problem handling a certain SNMP variable being written. A remote attacker can use this vulnerability to conduct a denial of service attack on the switch

Trust: 1.98

sources: NVD: CVE-2002-1426 // CNVD: CNVD-2002-3203 // BID: 5336 // IVD: be718a12-23cd-11e6-abef-000c29c66e3d // VULHUB: VHN-5811

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // CNVD: CNVD-2002-3203

AFFECTED PRODUCTS

vendor:	hp	model:	procurve switch 4000m	scope:	eq	version:	c.07.23	Trust: 1.6
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	hp	model:	procurve switch 4000m	scope:	-	version:	-	Trust: 0.3
vendor:	procurve switch 4000m	model:	c.07.23	scope:	-	version:	-	Trust: 0.2

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // CNVD: CNVD-2002-3203 // BID: 5336 // CNNVD: CNNVD-200304-085 // NVD: CVE-2002-1426

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-1426
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200304-085
value:	HIGH
Trust: 0.6
IVD:	be718a12-23cd-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-5811
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-1426
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IVD:	be718a12-23cd-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-5811
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // VULHUB: VHN-5811 // CNNVD: CNNVD-200304-085 // NVD: CVE-2002-1426

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1426

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200304-085

TYPE

Design error

Trust: 1.1

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // BID: 5336 // CNNVD: CNNVD-200304-085

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-5811

EXTERNAL IDS

db:	NVD	id:	CVE-2002-1426	Trust: 2.8
db:	BID	id:	5336	Trust: 2.0
db:	CNNVD	id:	CNNVD-200304-085	Trust: 0.9
db:	CNVD	id:	CNVD-2002-3203	Trust: 0.8
db:	BUGTRAQ	id:	20020727 PHENOELIT ADVISORY 0815 ++ /+ HP PROCURVE	Trust: 0.6
db:	XF	id:	9708	Trust: 0.6
db:	IVD	id:	BE718A12-23CD-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	SEEBUG	id:	SSVID-75481	Trust: 0.1
db:	EXPLOIT-DB	id:	21657	Trust: 0.1
db:	VULHUB	id:	VHN-5811	Trust: 0.1

sources: IVD: be718a12-23cd-11e6-abef-000c29c66e3d // CNVD: CNVD-2002-3203 // VULHUB: VHN-5811 // BID: 5336 // CNNVD: CNNVD-200304-085 // NVD: CVE-2002-1426

REFERENCES

url:	http://www.phenoelit.de/stuff/hp_procurve.txt	Trust: 2.0
url:	http://www.securityfocus.com/bid/5336	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2002-07/0338.html	Trust: 1.7
url:	http://www.iss.net/security_center/static/9708.php	Trust: 1.7
url:	http://www.hp.com/rnd/	Trust: 0.3

sources: VULHUB: VHN-5811 // BID: 5336 // CNNVD: CNNVD-200304-085 // NVD: CVE-2002-1426

CREDITS

kim0 kim0@phenoelit.de

Trust: 0.6

sources: CNNVD: CNNVD-200304-085

SOURCES

db:	IVD	id:	be718a12-23cd-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2002-3203
db:	VULHUB	id:	VHN-5811
db:	BID	id:	5336
db:	CNNVD	id:	CNNVD-200304-085
db:	NVD	id:	CVE-2002-1426

LAST UPDATE DATE

2025-04-03T22:25:18.961000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2002-3203	date:	2002-07-27T00:00:00
db:	VULHUB	id:	VHN-5811	date:	2008-09-05T00:00:00
db:	BID	id:	5336	date:	2009-07-11T14:56:00
db:	CNNVD	id:	CNNVD-200304-085	date:	2007-05-07T00:00:00
db:	NVD	id:	CVE-2002-1426	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	IVD	id:	be718a12-23cd-11e6-abef-000c29c66e3d	date:	2002-07-27T00:00:00
db:	CNVD	id:	CNVD-2002-3203	date:	2002-07-27T00:00:00
db:	VULHUB	id:	VHN-5811	date:	2003-04-11T00:00:00
db:	BID	id:	5336	date:	2002-07-27T00:00:00
db:	CNNVD	id:	CNNVD-200304-085	date:	2002-07-27T00:00:00
db:	NVD	id:	CVE-2002-1426	date:	2003-04-11T04:00:00