header-logo
Suggest Exploit
vendor:
SSR8000 SmartSwitch
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: SSR8000 SmartSwitch
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

SSR8000 SmartSwitch Unpredictable Behavior

The SSR8000 SmartSwitch distributed and maintained by Enterasys has been discovered to react unpredictably when portscanned. When these switches are scanned using specific types of TCP traffic, and scanned on certain ports, the switch becomes unstable and can be crashed consistently.

Mitigation:

Enterasys has released a patch to address this issue. It is recommended that users upgrade to the latest version of the software.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5703/info

The SSR8000 is a SmartSwitch distributed and maintained by Enterasys.

It has been discovered that SSR8000 switches react unpredictably when portscanned. When these switches are scanned using specific types of TCP traffic, and scanned on certain ports, the switch becomes unstable. It has been reported that this can be reproduced consistently to cause the switch to crash. 

nmap -PT 10.2.1.1 -p '15077-15078'

Navigation

Suggest Exploit

Services By CQR