PT-2013-5205 · Hewlett Packard · Hp Jd9##A+8
Publicado
2013-08-12
·
Atualizado
2014-01-04
·
CVE-2013-4806
CVSS v2.0
7.0
Alta
| Vetor | AV:N/AC:M/Au:S/C:P/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
HP JD9##A routers version (affected versions not specified)
HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches version (affected versions not specified)
HP 3COM routers and switches version (affected versions not specified)
HP H3C routers and switches version (affected versions not specified)
Description
The issue is related to the OSPF implementation, which does not account for duplicate Link State ID values in Link State Advertisement (LSA) packets. This allows remote authenticated users to cause a denial of service, resulting in routing disruption, or obtain sensitive packet information by sending a crafted LSA packet.
Recommendations
For HP JD9##A routers, update the OSPF implementation to consider duplicate Link State ID values.
For HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches, update the OSPF implementation to consider duplicate Link State ID values.
For HP 3COM routers and switches, update the OSPF implementation to consider duplicate Link State ID values.
For HP H3C routers and switches, update the OSPF implementation to consider duplicate Link State ID values.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Hp 3Com
Hp H3C
Hp J4###A
Hp J484#B
Hp J8###A
Hp Jd3##A
Hp Jd9##A
Hp Je###A
Hp Jf55#A