Sign-up

ID

VAR-201005-0433


TITLE

Hitachi TP1/Message Control malformed packet remote denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2010-0896

DESCRIPTION

Hitachi TP1/Message Control and uCosminexus TP1/Message Control have unclear errors in handling malformed messages, and remote attackers can exploit vulnerabilities to perform denial of service attacks on service programs. Hitachi TP1/Message Control and uCosminexus TP1/Message Control are prone to a denial-of-service vulnerability because they fail to properly handle crafted packets. Attackers can exploit this issue to create a denial-of-service condition; this may aid in further attacks. ---------------------------------------------------------------------- Stay Compliant Alerts, Technical Descriptions, PoC, Links to patches, CVSS, CVE, Changelogs, Alternative Remediation Strategies, and much more provided in the Secunia Vulnerability Intelligence solutions Free Trial http://secunia.com/products/corporate/evm/trial/ ---------------------------------------------------------------------- TITLE: Hitachi TP1/Message Control Denial of Service Vulnerability SECUNIA ADVISORY ID: SA39897 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/39897/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=39897 RELEASE DATE: 2010-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/39897/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/39897/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=39897 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi TP1/Message Control, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the TP1/Message Control Mapping Service, which can be exploited to cause a DoS. Please see the vendor's advisory for a list of affected products and versions. SOLUTION: Please see the vendor's advisory for fix information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-007/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 0.9

sources: CNVD: CNVD-2010-0896 // BID: 40222 // PACKETSTORM: 89778

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-0896

AFFECTED PRODUCTS

vendor:hitachimodel:ucosminexus tp1/message controlscope:eqversion:0

Trust: 0.9

vendor:hitachimodel:tp1/message control tp1/message controlscope: - version: -

Trust: 0.6

vendor:hitachimodel:tp1/message control 03-01-/ascope: - version: -

Trust: 0.6

vendor:hitachimodel:tp1/message controlscope:eqversion:03-01

Trust: 0.6

vendor:hitachimodel:ucosminexus tp1/message controlscope:eqversion:07-01

Trust: 0.3

vendor:hitachimodel:ucosminexus tp1/message controlscope:eqversion:07-00-06

Trust: 0.3

vendor:hitachimodel:ucosminexus tp1/message controlscope:eqversion:07-00

Trust: 0.3

vendor:hitachimodel:tp1/message control 06-02-/e (windowscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 06-02-/escope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-ab (hp-uxscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-ab (hp-uxscope:eqversion:v10)

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-/m (hi-ux/scope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-/mscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-/l (hi-ux/scope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-07-/l (hi-ux/we2(scope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-uxscope:eqversion:03-06(*2)v10

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-ux v10(engscope:eqversion:03-06

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-03-ascope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-uxscope:eqversion:03-03(*2)v9)

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-uxscope:eqversion:03-03v9)

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-02-/i (solariscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-02-/iscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message controlscope:eqversion:03-02

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-01-/a (aix(enscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control 03-01-/a (aix(englisscope: - version: -

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-uxscope:eqversion:03-01v9)

Trust: 0.3

vendor:hitachimodel:tp1/message control (hp-uxscope:eqversion:03-01v10)

Trust: 0.3

vendor:hitachimodel:tp1/message control (hi-ux/we2(engscope:eqversion:03-01

Trust: 0.3

vendor:hitachimodel:tp1/message control (aix(englishscope:eqversion:03-01v

Trust: 0.3

vendor:hitachimodel:tp1/message controlscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus tp1/message controlscope:neversion:07-01-03

Trust: 0.3

vendor:hitachimodel:ucosminexus tp1/message controlscope:neversion:07-00-07

Trust: 0.3

sources: CNVD: CNVD-2010-0896 // BID: 40222

THREAT TYPE

network

Trust: 0.3

sources: BID: 40222

TYPE

Unknown

Trust: 0.3

sources: BID: 40222

PATCH

title:Hitachi TP1/Message Control malformed packet remote denial of service patchurl:https://www.cnvd.org.cn/patchinfo/show/409

Trust: 0.6

sources: CNVD: CNVD-2010-0896

EXTERNAL IDS

db:HITACHIid:HS10-007

Trust: 1.0

db:BIDid:40222

Trust: 0.9

db:CNVDid:CNVD-2010-0896

Trust: 0.6

db:SECUNIAid:39897

Trust: 0.2

db:PACKETSTORMid:89778

Trust: 0.1

sources: CNVD: CNVD-2010-0896 // BID: 40222 // PACKETSTORM: 89778

REFERENCES

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-007/index.html

Trust: 1.0

url:http://www.hds.com/products/storage-software/hitachi-device-manager.html

Trust: 0.3

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs10-007/index.html

Trust: 0.3

url:http://secunia.com/advisories/39897/#comments

Trust: 0.1

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=39897

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/39897/

Trust: 0.1

url:http://secunia.com/products/corporate/evm/trial/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2010-0896 // BID: 40222 // PACKETSTORM: 89778

CREDITS

Hitachi

Trust: 0.3

sources: BID: 40222

SOURCES

db:CNVDid:CNVD-2010-0896
db:BIDid:40222
db:PACKETSTORMid:89778

LAST UPDATE DATE

2022-05-17T02:10:05.659000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2010-0896date:2010-05-19T00:00:00
db:BIDid:40222date:2010-06-04T17:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2010-0896date:2010-05-19T00:00:00
db:BIDid:40222date:2010-05-18T00:00:00
db:PACKETSTORMid:89778date:2010-05-21T14:52:08