CVE-2002-0209 – Alteon AceDirector - Half-Closed HTTP Request IP Address Revealing

https://notcve.org/view.php?id=CVE-2002-0209

Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. Nortle Alteon ACEdirector WebOS 9.0 con las carácteristicas de Balanceo de Carga de Servidor (Server Load Balancing, SLB) y de persistencia basada en cookies, permite a atacantes remotos determinar la IP real de un servidor web con una sesión medio cerrada, lo que causa que ACEdirector envíe paquetes del servidro sin cambiar la dirección a la IP virtual. • https://www.exploit-db.com/exploits/21243 http://online.securityfocus.com/archive/1/252455 http://online.securityfocus.com/archive/1/261548 http://www.iss.net/security_center/static/8010.php http://www.securityfocus.com/bid/3964 •