VAR-200206-0050
Vulnerability from variot - Updated: 2025-04-03 22:35HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. A problem with the switch could make it possible to deny telnet service to legitimate users of the device. The problem is in the handling of port scans by the device. A ProCurve switch could be led to deny telnet users service of the switch. When the switch is portscanned by a tool such as nmap, which is capable of producing a high amount of TCP connect() requests in a short period of time, the switch will no longer accept new telnet connections. Reportedly, this issue does not affect ICMP or SNMP management of the device, nor are existing telnet sessions disconnected. Rebooting the switch may be required in order to regain normal functionality. HP ProCurve 4000M with firmware version C.09.09 or C.08.22 are reported to be susceptible to this issue. HP ProCurve Switch is a switch product produced by HP
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200206-0050",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "procurve switch 4000m",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "c.09.09"
},
{
"model": "procurve switch 4000m",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "c.08.22"
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "4212"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jon Snyder\u203b jon@pdx.edu",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0350",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-4743",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0350",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200206-071",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4743",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4743"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. A problem with the switch could make it possible to deny telnet service to legitimate users of the device. The problem is in the handling of port scans by the device. \nA ProCurve switch could be led to deny telnet users service of the switch. When the switch is portscanned by a tool such as nmap, which is capable of producing a high amount of TCP connect() requests in a short period of time, the switch will no longer accept new telnet connections. \nReportedly, this issue does not affect ICMP or SNMP management of the device, nor are existing telnet sessions disconnected. Rebooting the switch may be required in order to regain normal functionality. \nHP ProCurve 4000M with firmware version C.09.09 or C.08.22 are reported to be susceptible to this issue. HP ProCurve Switch is a switch product produced by HP",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0350"
},
{
"db": "BID",
"id": "4212"
},
{
"db": "VULHUB",
"id": "VHN-4743"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0350",
"trust": 2.0
},
{
"db": "BID",
"id": "4212",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020301 DOS ON HP PROCURVE 4000M SWITCH (POSSIBLY OTHERS)",
"trust": 0.6
},
{
"db": "XF",
"id": "8329",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4743",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4743"
},
{
"db": "BID",
"id": "4212"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"id": "VAR-200206-0050",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4743"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:35:07.681000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4212"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8329.php"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=101500123900612\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101500123900612\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.hp.com/rnd/"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=101500123900612\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4743"
},
{
"db": "BID",
"id": "4212"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4743"
},
{
"db": "BID",
"id": "4212"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-06-25T00:00:00",
"db": "VULHUB",
"id": "VHN-4743"
},
{
"date": "2002-03-01T00:00:00",
"db": "BID",
"id": "4212"
},
{
"date": "2002-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"date": "2002-06-25T04:00:00",
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4743"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4212"
},
{
"date": "2007-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200206-071"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0350"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP ProCurve Switch Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "4212"
},
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200206-071"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…