CVE-2002-0209

Nortel Alteon ACEdirector WebOS 9.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0209. PoCs published by Dave Plonka.

AI-analyzed exploit summary This exploit demonstrates an information leakage vulnerability in Alteon ACEdirector by leveraging TCP half-close to bypass load balancer traffic alteration, revealing the real IP addresses of backend web servers. It sends an HTTP request, shuts down the write half of the socket, and monitors responses to detect the real server IP.

Description

Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dave Plonka · perlremotehardware
https://www.exploit-db.com/exploits/21243

This exploit demonstrates an information leakage vulnerability in Alteon ACEdirector by leveraging TCP half-close to bypass load balancer traffic alteration, revealing the real IP addresses of backend web servers. It sends an HTTP request, shuts down the write half of the socket, and monitors responses to detect the real server IP.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Alteon ACEdirector (Nortel WebOS)
No auth needed
Prerequisites: Access to the virtual IP address of the ACEdirector · TCP half-close support in the client socket
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8010.php
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/261548
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3964
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/252455

Scores

EPSS 0.0332
EPSS Percentile 87.0%

Details

Status published
Products (1)
nortel/alteon_acedirector 9.0
Published May 16, 2002
Tracked Since Feb 18, 2026