Signature Detail
Short Name |
DISCARD:INFO:ASCEND-DISCARD |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
DISCARD |
Keywords |
ascend lucent discard |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DISCARD: Ascent/Lucent Router Information Disclosure
This signature detects attempts to exploit vulnerabilities in Lucent and Ascend routers. Attackers can send a maliciously crafted packet to the DISCARD port of the router to obtain confidential information. This information can be used to further compromise the system.
Extended Description
Several Lucent Router product lines include support for a configuration tool which communicates over UDP on port 9. If a specially crafted packet is sent to some of these devices on UDP port 9, a response is issued which contains sensitive information. This information may be of aid in further attacks against the network or device.
Affected Products
- Ascend MAX 5.0.0 .0Ap42
- Ascend Pipeline 5.0.0 .0A
- Lucent Ascend MAX Router 1.0.0
- Lucent Ascend MAX Router 2.0.0
- Lucent Ascend MAX Router 3.0.0
- Lucent Ascend MAX Router 4.0.0
- Lucent Ascend MAX Router 5.0.0
- Lucent Ascend MAX Router 5.0.0 ap48
- Lucent Ascend Pipeline Router 1.0.0
- Lucent Ascend Pipeline Router 2.0.0
- Lucent Ascend Pipeline Router 3.0.0
- Lucent Ascend Pipeline Router 4.0.0
- Lucent Ascend Pipeline Router 5.0.0
- Lucent Ascend Pipeline Router 6.0.0
- Lucent Ascend Pipeline Router 6.0.2
- Lucent DSLTerminator
References