CVE-2002-0438

ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/archive/1/261411	Vendor Advisory
http://www.iss.net/security_center/static/8436.php	Vendor Advisory
http://www.securityfocus.com/bid/4272	Exploit Patch Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0067.html
ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50(WA.2)C0_Standard.zip

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:zyxel:zywall10:3.20_wa0:::::::*
	cpe:2.3:h:zyxel:zywall10:3.20_wa1:::::::*
	cpe:2.3:h:zyxel:zywall10:3.24_wa0:::::::*
	cpe:2.3:h:zyxel:zywall10:3.24_wa1:::::::*
	cpe:2.3:h:zyxel:zywall10:3.24_wa2:::::::*
	cpe:2.3:h:zyxel:zywall10:3.50_wa1:::::::*

Information

Published : 2002-07-25 21:00

Updated : 2018-08-13 14:47

NVD link : CVE-2002-0438

Mitre link : CVE-2002-0438

JSON object : View

CWE

NVD-CWE-Other

Products Affected

zyxel

zywall10

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/archive/1/261411", "name": "20020311 ZyXEL ZyWALL10 DoS", "tags": ["Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://www.iss.net/security_center/static/8436.php", "name": "zyxel-zywall10-arp-dos(8436)", "tags": ["Vendor Advisory"], "refsource": "XF"}, {"url": "http://www.securityfocus.com/bid/4272", "name": "4272", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0067.html", "name": "20020312 [VulnWatch] ZyXEL ZyWALL10 DoS", "tags": [], "refsource": "VULNWATCH"}, {"url": "ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50(WA.2)C0_Standard.zip", "name": "ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50(WA.2)C0_Standard.zip", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-0438", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2002-07-26T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.20_wa0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.20_wa1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.24_wa0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.24_wa1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.24_wa2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:zyxel:zywall10:3.50_wa1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-08-13T21:47Z"}

5.0 /10