CVE-2002-0209

Nortel Alteon ACEdirector WebOS 9.0 - Info Disclosure

Title source: llm

Description

Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dave Plonka · perlremotehardware

https://www.exploit-db.com/exploits/21243

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/8010.php

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/261548

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3964

[Patch, Vendor Advisory] http://online.securityfocus.com/archive/1/252455

Scores

EPSS 0.0783

EPSS Percentile 92.0%

Details

Status published

Products (1)

nortel/alteon_acedirector 9.0

Published May 16, 2002

Tracked Since Feb 18, 2026