CVE-2002-1147

Published: Oct 11, 2002Modified: Apr 16, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program.

Affected (1)

Products: Hp: Procurve Switch 4000m

1 product

Procurve Switch 4000m

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Procurve Switch 4000m	Up to c.09.15

References (10)

http://marc.info/?l=bugtraq&m=103287951910420&w=2

Source: cve@mitre.org

http://online.securityfocus.com/advisories/4501

Source: cve@mitre.org

Vendor Advisory

http://www.iss.net/security_center/static/10172.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/5784

Source: cve@mitre.org

http://www.tech-serve.com/research/advisories/2002/a092302-1.txt

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103287951910420&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/advisories/4501

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.iss.net/security_center/static/10172.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/5784

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.tech-serve.com/research/advisories/2002/a092302-1.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.