CVE-2002-2185

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
http://online.securityfocus.com/archive/1/276968
http://secunia.com/advisories/18510	Patch Vendor Advisory
http://secunia.com/advisories/18562	Patch Vendor Advisory
http://secunia.com/advisories/18684	Patch Vendor Advisory
http://www.cs.ucsb.edu/~krishna/igmp_dos/	Exploit Patch
http://www.redhat.com/support/errata/RHSA-2006-0101.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0140.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0190.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0191.html	Patch
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/archive/1/427981/100/0/threaded
http://www.securityfocus.com/archive/1/428028/100/0/threaded
http://www.securityfocus.com/archive/1/428058/100/0/threaded
http://www.securityfocus.com/bid/5020	Exploit Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
http://online.securityfocus.com/archive/1/276968
http://secunia.com/advisories/18510	Patch Vendor Advisory
http://secunia.com/advisories/18562	Patch Vendor Advisory
http://secunia.com/advisories/18684	Patch Vendor Advisory
http://www.cs.ucsb.edu/~krishna/igmp_dos/	Exploit Patch
http://www.redhat.com/support/errata/RHSA-2006-0101.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0140.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0190.html	Patch
http://www.redhat.com/support/errata/RHSA-2006-0191.html	Patch
http://www.securityfocus.com/archive/1/427980/100/0/threaded
http://www.securityfocus.com/archive/1/427981/100/0/threaded
http://www.securityfocus.com/archive/1/428028/100/0/threaded
http://www.securityfocus.com/archive/1/428058/100/0/threaded
http://www.securityfocus.com/bid/5020	Exploit Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sgi:irix:6.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.1:::::::*
	cpe:2.3:o:sgi:irix:6.5.2:::::::*
	cpe:2.3:o:sgi:irix:6.5.3:::::::*
	cpe:2.3:o:sgi:irix:6.5.4:::::::*
	cpe:2.3:o:sgi:irix:6.5.5:::::::*
	cpe:2.3:o:sgi:irix:6.5.6:::::::*
	cpe:2.3:o:sgi:irix:6.5.7:::::::*
	cpe:2.3:o:sgi:irix:6.5.8:::::::*
	cpe:2.3:o:sgi:irix:6.5.9:::::::*
	cpe:2.3:o:sgi:irix:6.5.10:::::::*
	cpe:2.3:o:sgi:irix:6.5.11:::::::*
	cpe:2.3:o:sgi:irix:6.5.12:::::::*
	cpe:2.3:o:sgi:irix:6.5.13:::::::*
	cpe:2.3:o:sgi:irix:6.5.14f:::::::*
	cpe:2.3:o:sgi:irix:6.5.14m:::::::*
	cpe:2.3:o:sgi:irix:6.5.15f:::::::*
	cpe:2.3:o:sgi:irix:6.5.15m:::::::*
	cpe:2.3:o:sgi:irix:6.5.16f:::::::*
	cpe:2.3:o:sgi:irix:6.5.16m:::::::*
	cpe:2.3:o:sgi:irix:6.5.17f:::::::*
	cpe:2.3:o:sgi:irix:6.5.17m:::::::*
	cpe:2.3:o:sgi:irix:6.5.18f:::::::*
	cpe:2.3:o:sgi:irix:6.5.18m:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:2.2::68k:::::
	cpe:2.3:o:debian:debian_linux:2.2::alpha:::::
	cpe:2.3:o:debian:debian_linux:2.2::arm:::::
	cpe:2.3:o:debian:debian_linux:2.2::ia-32:::::
	cpe:2.3:o:debian:debian_linux:2.2::powerpc:::::
	cpe:2.3:o:debian:debian_linux:2.2::sparc:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:8.0::ppc:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:::::::*
	cpe:2.3:o:mandrakesoft:mandrake_linux:8.1::ia64:::::
	cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:::::::*
	cpe:2.3:o:microsoft:windows_98::gold::::::*
	cpe:2.3:o:microsoft:windows_98se::::::::
	cpe:2.3:o:microsoft:windows_xp:::home:::::*
	cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
	cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::advanced_server:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::enterprise_server:::::
	cpe:2.3:o:redhat:enterprise_linux:4.0::workstation:::::
	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
	cpe:2.3:o:redhat:linux:6.2::alpha:::::
	cpe:2.3:o:redhat:linux:6.2::i386:::::
	cpe:2.3:o:redhat:linux:6.2::sparc:::::
	cpe:2.3:o:redhat:linux:7.0::alpha:::::
	cpe:2.3:o:redhat:linux:7.0::i386:::::
	cpe:2.3:o:redhat:linux:7.0::sparc:::::
	cpe:2.3:o:redhat:linux:7.1::alpha:::::
	cpe:2.3:o:redhat:linux:7.1::i386:::::
	cpe:2.3:o:redhat:linux:7.1::ia64:::::
	cpe:2.3:o:redhat:linux:7.2::i386:::::
	cpe:2.3:o:redhat:linux:7.2::ia64:::::
	cpe:2.3:o:redhat:linux:7.3::i386:::::
	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::ia64:::::
	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium_processor:::::
	cpe:2.3:o:suse:suse_linux:6.4::i386:::::
	cpe:2.3:o:suse:suse_linux:6.4::ppc:::::
	cpe:2.3:o:suse:suse_linux:6.4:alpha::::::
	cpe:2.3:o:suse:suse_linux:7.0::i386:::::
	cpe:2.3:o:suse:suse_linux:7.0::ppc:::::
	cpe:2.3:o:suse:suse_linux:7.0::sparc:::::
	cpe:2.3:o:suse:suse_linux:7.0:alpha::::::
	cpe:2.3:o:suse:suse_linux:7.1::spa:::::
	cpe:2.3:o:suse:suse_linux:7.1::sparc:::::
	cpe:2.3:o:suse:suse_linux:7.1::x86:::::
	cpe:2.3:o:suse:suse_linux:7.1:alpha::::::
	cpe:2.3:o:suse:suse_linux:7.2::i386:::::
	cpe:2.3:o:suse:suse_linux:7.3::i386:::::
	cpe:2.3:o:suse:suse_linux:7.3::ppc:::::
	cpe:2.3:o:suse:suse_linux:7.3::sparc:::::
	cpe:2.3:o:suse:suse_linux:8.0::i386:::::

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-2185

Mitre link : CVE-2002-2185

CVE.ORG link : CVE-2002-2185

JSON object : View

Products Affected

redhat

linux
enterprise_linux_desktop
linux_advanced_workstation
enterprise_linux

microsoft

windows_98se
windows_xp
windows_98

debian

debian_linux

mandrakesoft

mandrake_linux

suse

suse_linux

sgi

irix

CWE

NVD-CWE-Other

4.9 /10