CVE-2004-2549

Nortel WLAN AP - DoS

Title source: llm

Description

Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Alex Hernandez · cdoshardware

https://www.exploit-db.com/exploits/23786

View Code ZIP pw:eip

nomisec STUB

by alt3kx · poc

https://github.com/alt3kx/CVE-2004-2549

View Code ZIP pw:eip

References (7)

[Various Sources] http://www116.nortelnetworks.com/docs/bvdoc/wlan/216109a.pdf

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1009294

[Exploit] http://www.securityfocus.com/bid/9787

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15373

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2004-03/0055.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/4128

[Vendor Advisory] http://secunia.com/advisories/11034

Scores

EPSS 0.0769

EPSS Percentile 91.9%

Details

Status published

Products (3)

nortel/wlan_access_point_2220

nortel/wlan_access_point_2221

nortel/wlan_access_point_2225

Published Dec 31, 2004

Tracked Since Feb 18, 2026