CVE-2002-2148

Name of the Vulnerable Software and Affected Versions: Lucent Ascend MAX Router versions 5.0 and earlier Lucent Ascend Pipeline Router versions 6.0.2 and earlier Lucent DSLTerminator (affected versions not specified)

Description: The issue allows remote attackers to obtain sensitive information, including hostname, MAC, and IP address of the Ethernet interface, by sending a discard packet via UDP port 9. This causes the device to leak the information in its response.

Recommendations: For Lucent Ascend MAX Router versions 5.0 and earlier, restrict access to UDP port 9 to minimize the risk of exploitation. For Lucent Ascend Pipeline Router versions 6.0.2 and earlier, consider blocking incoming discard packets on UDP port 9 until a fix is available. For Lucent DSLTerminator, at the moment, there is no information about a newer version that contains a fix for this vulnerability.