CVE-2007-2332

{"id": "CVE-2007-2332", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-04-27T16:19:00.000", "references": [{"url": "http://secunia.com/advisories/24962", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23562", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1464", "source": "cve@mitre.org"}, {"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store."}, {"lang": "es", "value": "Nortel VPN Router (tambi\u00e9n conocido como Contivity) 1000, 2000, 4000, y 5000 anterior a 6_05.140 utiliza una llave DES para encriptar contrase\u00f1as, lo cual permite a usuarios remotos validados obtener una contrase\u00f1a a trav\u00e9s de ataques por fuerza bruta sobre un hash desde el LDAP almacenado."}], "lastModified": "2011-03-08T02:54:01.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "370BE654-2A89-4FA9-BE88-3E4CA19441FC"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD74483C-842C-4E01-A786-C34866B548FA"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC585A5-DBBE-4236-801A-F52523A5C5DF"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B922ADAB-F42F-4113-8222-0493FE74CF6F"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF2FF1CE-97F7-4951-8FD7-59657670BF05"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1750:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B7D4D62-CB44-437C-A30C-F65DB36DE01F"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23377D6E-6C2C-425B-A6DC-E5319B327DC3"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}