Bay/Nortel Networks Nautica Marlin路由器远程拒绝服务攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105724 漏洞类型 输入验证
发布时间 2000-02-25 更新时间 2005-05-02
CVE编号 CVE-2000-0221 CNNVD-ID CNNVD-200002-072
漏洞平台 Hardware CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19766
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200002-072
|漏洞详情
NauticaMarlin是一种由Bay/NortelNetworks开发的路由器产品。NauticaMarlin路由器产品易受拒绝服务攻击。发送一个0字节的UDP包给路由器的161(SNMP)端口将导致它停止响应。使用Nmap或者其他的UDP端口扫描器可以很容易地实现这种攻击。
|漏洞EXP
source: http://www.securityfocus.com/bid/1009/info

A vulnerability exists in the Nortel/Bay Networks Nautica Marlin router pruduct. Sending a 0 byte UDP packet to port 161 (SNMP) to one of these routers will cause it to crash. This attack can be trivially performed using NMAP or other UDP port scanner.

nmap -sU -p 161 hosttodos
|参考资料

来源:BID
名称:1009
链接:http://www.securityfocus.com/bid/1009
来源:NSFOCUS
名称:346
链接:http://www.nsfocus.net/vulndb/346