Search criteria
18 vulnerabilities found for befvp41 by linksys
VAR-200601-0270
Vulnerability from variot - Updated: 2023-12-18 14:06Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length. Linksys BEFVP41 routers are susceptible to a remote denial of service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to crash affected devices, denying service to legitimate users. Reportedly, attackers must be located on the internal network, and be able to pass traffic through the router to exploit this issue. It may also be possible from the external side of the network, but this has not been confirmed.
The vulnerability has been reported in version 2.0 with firmware revision 1.01.04.
SOLUTION: Use the device on trusted networks only.
PROVIDED AND/OR DISCOVERED BY: Paul
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200601-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befvp41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.01.04"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
}
],
"sources": [
{
"db": "BID",
"id": "16307"
},
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.01.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0309"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "paul14075@gmail.com discovered this issue.",
"sources": [
{
"db": "BID",
"id": "16307"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
],
"trust": 0.9
},
"cve": "CVE-2006-0309",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-16417",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-0309",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200601-215",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-16417",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16417"
},
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length. Linksys BEFVP41 routers are susceptible to a remote denial of service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. \nThis issue allows remote attackers to crash affected devices, denying service to legitimate users. \nReportedly, attackers must be located on the internal network, and be able to pass traffic through the router to exploit this issue. It may also be possible from the external side of the network, but this has not been confirmed. \n\nThe vulnerability has been reported in version 2.0 with firmware\nrevision 1.01.04. \n\nSOLUTION:\nUse the device on trusted networks only. \n\nPROVIDED AND/OR DISCOVERED BY:\nPaul\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "BID",
"id": "16307"
},
{
"db": "VULHUB",
"id": "VHN-16417"
},
{
"db": "PACKETSTORM",
"id": "43166"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16307",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18461",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-0238",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015490",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2006-0309",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215",
"trust": 0.7
},
{
"db": "XF",
"id": "24125",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060113 LINKSYS VPN ROUTER (BEFVP41) DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060116 RE: LINKSYS VPN ROUTER (BEFVP41) DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060117 RE: LINKSYS VPN ROUTER (BEFVP41) DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-16417",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43166",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16417"
},
{
"db": "BID",
"id": "16307"
},
{
"db": "PACKETSTORM",
"id": "43166"
},
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"id": "VAR-200601-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16417"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:06:55.233000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0309"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16307"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015490"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18461"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/422064/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/421929/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0238"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/24125"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/422266/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www1.linksys.com/products/product.asp?grid=34\u0026scid=29\u0026prid=607"
},
{
"trust": 0.3,
"url": "/archive/1/422266"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/685/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18461/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16417"
},
{
"db": "BID",
"id": "16307"
},
{
"db": "PACKETSTORM",
"id": "43166"
},
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16417"
},
{
"db": "BID",
"id": "16307"
},
{
"db": "PACKETSTORM",
"id": "43166"
},
{
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-19T00:00:00",
"db": "VULHUB",
"id": "VHN-16417"
},
{
"date": "2006-01-18T00:00:00",
"db": "BID",
"id": "16307"
},
{
"date": "2006-01-19T02:04:53",
"db": "PACKETSTORM",
"id": "43166"
},
{
"date": "2006-01-19T01:03:00",
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"date": "2006-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-16417"
},
{
"date": "2006-02-07T20:55:00",
"db": "BID",
"id": "16307"
},
{
"date": "2018-10-19T15:44:19.940000",
"db": "NVD",
"id": "CVE-2006-0309"
},
{
"date": "2006-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys BEFVP41 IP Option Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-215"
}
],
"trust": 0.6
}
}
VAR-200208-0019
Vulnerability from variot - Updated: 2023-12-18 13:35VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. BEFVP41 is a hardware router that is currently developed and maintained by Linksys.
BEFVP41 supports Triple DES encryption keys (48 hexadecimal characters) and MD5 check keys (32 hexadecimal characters) of the following lengths, respectively.
Encryption:
80C4DAFD9AFC3D7AB57079E19DEBFFF43538A62039768D74
Authentication:
32EA72F58D7F1E063E14A3FF78131172
However, due to a design error, when the user tried to manually enter these keys, they were cut off by mistake, and became 23 hex characters and 19 hex characters respectively.
Encryption:
80C4DAFD9AFC3D7AB57079E
Authentication:
32EA72F58D7F1E063E1
This leads to the eventual use of weak keys, increasing the likelihood of successful brute-force brute-force attacks. However, when a user attempts to manually enter a generated Triple DES key of any length greater than 23 bytes, the key is truncated to a maximum of 23 bytes. Manual entry of the key results in a truncated key maximum length of 19 bytes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200208-0019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befvp41",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.1"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.40.1"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"db": "BID",
"id": "4250"
},
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.40.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0426"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Phil Schlesinger\u203b pschlesinger@teltechplus.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0426",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4819",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0426",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200208-084",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4819",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4819"
},
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. BEFVP41 is a hardware router that is currently developed and maintained by Linksys. \n\n\u00a0BEFVP41 supports Triple DES encryption keys (48 hexadecimal characters) and MD5 check keys (32 hexadecimal characters) of the following lengths, respectively. \n\n\u00a0Encryption:\n\n\u00a080C4DAFD9AFC3D7AB57079E19DEBFFF43538A62039768D74\n\n\u00a0Authentication:\n\n\u00a032EA72F58D7F1E063E14A3FF78131172\n\n\u00a0However, due to a design error, when the user tried to manually enter these keys, they were cut off by mistake, and became 23 hex characters and 19 hex characters respectively. \n\n\u00a0Encryption:\n\n\u00a080C4DAFD9AFC3D7AB57079E\n\n\u00a0Authentication:\n\n\u00a032EA72F58D7F1E063E1\n\n\u00a0This leads to the eventual use of weak keys, increasing the likelihood of successful brute-force brute-force attacks. However, when a user attempts to manually enter a generated Triple DES key of any length greater than 23 bytes, the key is truncated to a maximum of 23 bytes. Manual entry of the key results in a truncated key maximum length of 19 bytes",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"db": "BID",
"id": "4250"
},
{
"db": "VULHUB",
"id": "VHN-4819"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0426",
"trust": 2.6
},
{
"db": "BID",
"id": "4250",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-0430",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020308 LINKSYS BEFVP41 VPN SERVER DOES NOT FOLLOW PROPER VPN STANDARDS",
"trust": 0.6
},
{
"db": "XF",
"id": "8397",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4819",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"db": "VULHUB",
"id": "VHN-4819"
},
{
"db": "BID",
"id": "4250"
},
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"id": "VAR-200208-0019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4819"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:35:53.406000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0426"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4250"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"trust": 1.7,
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8397.php"
},
{
"trust": 0.3,
"url": "http://www1.linksys.com/products/product.asp?grid=34\u0026scid=29\u0026prid=607"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/support/support.asp?spid=85"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4819"
},
{
"db": "BID",
"id": "4250"
},
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"db": "VULHUB",
"id": "VHN-4819"
},
{
"db": "BID",
"id": "4250"
},
{
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"date": "2002-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4819"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "4250"
},
{
"date": "2002-08-12T04:00:00",
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"date": "2002-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-03-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4819"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4250"
},
{
"date": "2008-09-05T20:27:59.773000",
"db": "NVD",
"id": "CVE-2002-0426"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys BEFVP41 Key Truncation Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-0430"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "4250"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-084"
}
],
"trust": 0.9
}
}
VAR-200211-0060
Vulnerability from variot - Updated: 2023-12-18 13:31Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces.
The router's WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device.
An attacker can submit a request with a password field containing a long string to the router's WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function.
The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. Rebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200211-0060",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "hpro200",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr81 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:hpro200:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex S. Harasic\u203b aharasic@terra.cl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-15339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5697",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1312",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5697",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces. \n\n\u00a0The router\u0027s WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device. \n\n\u00a0An attacker can submit a request with a password field containing a long string to the router\u0027s WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function. \n\n\u00a0The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. \nRebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1312",
"trust": 2.6
},
{
"db": "BID",
"id": "6301",
"trust": 2.6
},
{
"db": "BID",
"id": "6208",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-4108",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20021119 DENIAL OF SERVICE VULNERABILITY IN LINKSYS CABLE/DSL ROUTERS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021202 CORE-20021005: VULNERABILITY REPORT FOR LINKSYS DEVICES",
"trust": 0.6
},
{
"db": "XF",
"id": "10654",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5697",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"id": "VAR-200211-0060",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"last_update_date": "2023-12-18T13:31:06.545000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Multiple Linksys Device GET Request Remote Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41776"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6208"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6301"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 1.6,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103893609009727\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/10654"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.evansconforti.com/befw11s4"
},
{
"trust": 0.3,
"url": "/archive/1/300836"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
},
{
"trust": 0.1,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026amp;idxseccion=10"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2002-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2002-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2002-11-20T00:00:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2002-11-20T05:00:00",
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"date": "2002-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2013-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2009-07-11T19:16:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2017-07-11T01:29:13.570000",
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Linksys Device Password Field Buffer Overflow Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 1.2
}
}
VAR-200408-0079
Vulnerability from variot - Updated: 2023-12-18 13:31DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. Linksys has a variety of network equipment product lines.
Multiple Linksys devices have problems processing DHCP messages. Remote attackers can use this vulnerability to obtain sensitive information or conduct denial of service attacks on the device.
The built-in DHCP server of these devices has a security vulnerability. The DHCP server of these devices incorrectly processes BOOTP packets. When returning a BOOTP response, it fills some of the information in the memory into the BOOTP field, so the attacker can gain sensitivity by sniffing network communications. Information can also lead to a denial of service attack on the device by an attacker. When attempting to exploit this issue, it has been reported that a denial of service condition may occur, stopping legitimate users from using the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.38.5"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.3f"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "rv082",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.00.8"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41w",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befcmu10",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.9,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "befn2ps4",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "rv082",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38.5"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.40.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befcmu10:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.40.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wap55ag:1.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr81:2.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.39.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41w:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.40.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.45.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.43.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.44.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.43.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.43.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.45.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befn2ps4:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.40.3f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:rv082:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.38.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.40.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.43.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.43.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jon Hart\u203b warchild@spoofed.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0580",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9010",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0580",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-030",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9010",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. Linksys has a variety of network equipment product lines. \n\n\u00a0Multiple Linksys devices have problems processing DHCP messages. Remote attackers can use this vulnerability to obtain sensitive information or conduct denial of service attacks on the device. \n\n\u00a0The built-in DHCP server of these devices has a security vulnerability. The DHCP server of these devices incorrectly processes BOOTP packets. When returning a BOOTP response, it fills some of the information in the memory into the BOOTP field, so the attacker can gain sensitivity by sniffing network communications. Information can also lead to a denial of service attack on the device by an attacker. When attempting to exploit this issue, it has been reported that a denial of service condition may occur, stopping legitimate users from using the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "VULHUB",
"id": "VHN-9010"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9010",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0580",
"trust": 2.6
},
{
"db": "BID",
"id": "10329",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "6325",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1010288",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11606",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2004-1417",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040607 LINKSYS BEFSR41 DHCP VULNERABILITY SERVER LEAKS NETWORK DATA",
"trust": 0.6
},
{
"db": "XF",
"id": "16142",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-77851",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24115",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9010",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"id": "VAR-200408-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
}
],
"trust": 0.6353147
},
"last_update_date": "2023-12-18T13:31:00.424000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10329"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/6325"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/alerts/2004/may/1010288.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11606"
},
{
"trust": 1.6,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5ccreated=1086294093\u0026p_sid=pu1x1idh\u0026p_lva=\u0026p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9%20%5cjnbfcm93x2nudd02ntqmcf9wywdlpte%2a\u0026p_li="
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16142"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"trust": 0.3,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_created=1086294093\u0026p_sid=pu1x1idh\u0026p_lva=\u0026p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9jnbfcm93x2nudd02ntqmcf9wywdl"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "/archive/1/365319"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108662876129301\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026amp;p_%20%5ccreated=1086294093\u0026amp;p_sid=pu1x1idh\u0026amp;p_lva=\u0026amp;p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9%20%5cjnbfcm93x2nudd02ntqmcf9wywdlpte%2a\u0026amp;p_li="
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-9010"
},
{
"date": "2004-05-13T00:00:00",
"db": "BID",
"id": "10329"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"date": "2004-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"date": "2018-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-9010"
},
{
"date": "2015-03-19T09:44:00",
"db": "BID",
"id": "10329"
},
{
"date": "2023-11-07T01:56:43.640000",
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Linksys Device DHCP Information Leaks and Denial of Service Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.9
}
}
VAR-200603-0053
Vulnerability from variot - Updated: 2023-12-18 12:47Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. Linksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200603-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54g v5",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wrt54g v5",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wgt624",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.25"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.24"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.22"
},
{
"model": "rt-338",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.4"
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834g",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834 adsl firewall router",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "publisher 3f",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20021.40"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.70.6"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.50.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.20.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.0.7"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.3.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.1.3"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.4.4"
},
{
"model": "wrt54g beta",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.02.8"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.2"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wrt54g v5",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54g_v5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ryanmeyer14@netscape.net discovered this issue. Both ryanmeyer14@netscape.net and \"Cade Cairns\" \u003ccairnsc@gmail.com\u003e disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.9
},
"cve": "CVE-2006-1067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-1318",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17175",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1067",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17175",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. \nThis issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. \nLinksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1067",
"trust": 2.8
},
{
"db": "BID",
"id": "16954",
"trust": 2.6
},
{
"db": "BUGTRAQ",
"id": "20060306 RE: LINKSYS ROUTER + IRC DOS",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20060304 VARIOUS ROUTER DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060303 LINKSYS ROUTER + IRC DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "25230",
"trust": 0.6
},
{
"db": "IVD",
"id": "CCDF0954-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-17175",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"id": "VAR-200603-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.5009907
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
]
},
"last_update_date": "2023-12-18T12:47:09.542000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/16954"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/426863/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.hm2k.org/news/1141413208.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426761/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426756/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426934/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25230"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426934/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426761/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426756/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25230"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/product.asp?prid=508\u0026scid=35"
},
{
"trust": 0.3,
"url": "/archive/1/426761"
},
{
"trust": 0.3,
"url": "/archive/1/426756"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2006-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2006-03-04T00:00:00",
"db": "BID",
"id": "16954"
},
{
"date": "2006-03-07T22:06:00",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "16954"
},
{
"date": "2018-10-18T16:30:32.073000",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G Multiple router denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.8
}
}
VAR-200304-0137
Vulnerability from variot - Updated: 2022-05-17 01:59The Linsys BEFVP41 is a VPN-enabled router. Linsys BEFVP41 has a default community string that can be exploited by remote attackers to obtain a large amount of sensitive information on the target network. The external interface of the Linksys VPN router uses the default globally readable 'public' community string. Using this community string, you can obtain sensitive information such as routers and host hardware addresses in the internal network. This information can be used to further attack the network. Linksys BEFVP4 VPN router has been reported prone to a sensitive information disclosure vulnerability. It should be noted that this issue has also been reported to affect the Linksys BEFSR81 appliance
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bef",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "x.x"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"db": "BID",
"id": "7317"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this vulnerability has been credited to Branson Matheson \u003cbranson@windborne.net\u003e.",
"sources": [
{
"db": "BID",
"id": "7317"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-1004",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-1004",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Linsys BEFVP41 is a VPN-enabled router. Linsys BEFVP41 has a default community string that can be exploited by remote attackers to obtain a large amount of sensitive information on the target network. The external interface of the Linksys VPN router uses the default globally readable \u0027public\u0027 community string. Using this community string, you can obtain sensitive information such as routers and host hardware addresses in the internal network. This information can be used to further attack the network. Linksys BEFVP4 VPN router has been reported prone to a sensitive information disclosure vulnerability. \nIt should be noted that this issue has also been reported to affect the Linksys BEFSR81 appliance",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"db": "BID",
"id": "7317"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7317",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-1004",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"db": "BID",
"id": "7317"
}
]
},
"id": "VAR-200304-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
}
]
},
"last_update_date": "2022-05-17T01:59:14.409000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=105012892518612\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/support/support.asp?spid=85"
},
{
"trust": 0.3,
"url": "/archive/1/326871"
},
{
"trust": 0.3,
"url": "/archive/1/318288"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"db": "BID",
"id": "7317"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"db": "BID",
"id": "7317"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"date": "2003-04-09T00:00:00",
"db": "BID",
"id": "7317"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1004"
},
{
"date": "2003-04-09T00:00:00",
"db": "BID",
"id": "7317"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7317"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys BEFVP41 SNMP Default Community String Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1004"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "7317"
}
],
"trust": 0.3
}
}
FKIE_CVE-2006-0309
Vulnerability from fkie_nvd - Published: 2006-01-19 01:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.01.04:*:*:*:*:*:*:*",
"matchCriteriaId": "013C9B86-E324-47CB-8666-204EFA2CF525",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length."
}
],
"id": "CVE-2006-0309",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-19T01:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18461"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015490"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16307"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0580
Vulnerability from fkie_nvd - Published: 2004-08-06 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befcmu10:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DA95A3-DF00-411F-8582-60CB737BA116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C888358-9CF4-4D5B-AAC0-7E606978C00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FFAA33-12EC-40E4-9A34-DDB95A77A63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC087D32-60A2-48AD-8DD3-1088C641F880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2B43B5-0083-4F71-BD69-9EA4C0AE1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F69304C-DC53-4782-AEE0-E575B44FF56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F5E5AA-6469-4405-BDE9-AD4D174A1A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA4C23A-598A-4B11-BD78-39EA55E0E6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26EE9DDF-2DCD-4432-A513-84AE9BCE94C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A867E8-F2ED-4772-BB5A-C50FFBA1B448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A52F18C5-6D00-493C-B38F-D6695670357F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7E417D-3751-4FCF-AECC-7601F77198E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "127E79AF-33BE-485E-B4A3-058ECC898E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.38.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49FC600-D1E3-4233-AC8A-DBFA87D2138D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "A0754C5C-166A-4084-A4A5-510AAC1AC6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "858C8B66-8FF4-4A1E-9B2D-363AC169467E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "048E48C6-6A62-4E64-A69C-0F7B872AA121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FAD3B2-69ED-451F-9CD2-6B552E962B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "525E00CA-DEEA-410F-A90C-C73C8D304E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6337002A-EA1A-47A9-B4A5-E3EECD859C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E88F34EA-AFCF-4CED-A7A4-9C76309E90E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "C5219F89-4CB8-4239-A7C2-1E869E931777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.45.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC6E599-5026-4580-B94F-6DD33E0952DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC1F57E-2E8F-419C-8725-18208B8C1874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF867F97-F14F-4056-B0C8-A72E2FE2E74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5B40A4-E7CA-4BDD-899E-3693129D347E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "7142F135-C45C-4737-BDBB-1CCF2A1827EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "914AC3F4-064A-47A6-B707-00FCC0607761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "44405B42-D7AD-42E3-BD17-A619936DC02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9209ABC6-7DAA-46CE-8F59-2F9430FF2491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "958AF49D-FB97-476F-B8DF-5A760F72DBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E80E4BFD-DB4D-4574-A0F6-15881A66F308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67CC8982-FF47-45CF-8861-AD2F5A8D0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "892159A1-620C-413A-ADE5-205B12E5E080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6353EE40-1C83-4A1A-836F-6716D95A5A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2704FB57-AC43-4C92-B038-8C226C8A47B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD7A706-C379-4D56-97CA-88D3F76D4EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0F2944-C902-4652-85FA-9223773D53DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "90E9B1CD-FFC1-4318-BB31-6753DEF73D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.44.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EFD70A-34B4-4F27-9377-A665505895D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.45.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B23D8CA-A966-4E23-B6D2-4E7AAD239543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A513272D-E013-498F-8582-0645DB3366F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.39.64:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD86DE-4495-4C95-9C32-294442915A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.40.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB5F870-AE5C-4B0E-AEEA-335A990E6EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.40.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C359F33C-D4B0-4C22-8CEE-86F6FE8A1987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56484A79-0B44-439F-A64B-B55660E0C7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:rv082:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88647EC9-AD63-4643-B1B9-C0C224E6F93B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wap55ag:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "935294D7-41A5-4E47-A168-A908E61CADCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC73D9-CBB8-4683-BB21-3AA0F9468F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF3AB9D-CE52-42CF-9FD7-ECB83495C3AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
},
{
"lang": "es",
"value": "DHCP en los encaminadores de cable y ADSL Linksys BEFSR11, BEFSR41, BEFSR81 y BEFSRU31, con versi\u00f3n de firmware 1.45.7, no limpia adecuadamente b\u00faferes usados anteriormente en un paquete de respueta BOOTP, lo que permite a atacantes remotos obtener informaci\u00f3n sensible."
}
],
"id": "CVE-2004-0580",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11606"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6325"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10329"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1312
Vulnerability from fkie_nvd - Published: 2002-11-20 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | befn2ps4 | 1.42.7 | |
| linksys | befsr11 | 1.42.7 | |
| linksys | befsr11 | 1.43 | |
| linksys | befsr41 | 1.42.7 | |
| linksys | befsr41 | 1.43 | |
| linksys | befsr81 | 2.42.7.1 | |
| linksys | befsru31 | 1.42.7 | |
| linksys | befsru31 | 1.43 | |
| linksys | befsx41 | 1.42.7 | |
| linksys | befvp41 | 1.42.7 | |
| linksys | befw11s4 | 1.4.2.7 | |
| linksys | befw11s4 | 1.4.3 | |
| linksys | hpro200 | 1.42.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FFAA33-12EC-40E4-9A34-DDB95A77A63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F5E5AA-6469-4405-BDE9-AD4D174A1A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA4C23A-598A-4B11-BD78-39EA55E0E6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "525E00CA-DEEA-410F-A90C-C73C8D304E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6337002A-EA1A-47A9-B4A5-E3EECD859C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5B40A4-E7CA-4BDD-899E-3693129D347E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "958AF49D-FB97-476F-B8DF-5A760F72DBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E80E4BFD-DB4D-4574-A0F6-15881A66F308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6353EE40-1C83-4A1A-836F-6716D95A5A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56484A79-0B44-439F-A64B-B55660E0C7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42622989-F386-4C7F-8F64-7C792075D980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F83131C-CE9B-4695-BF3D-A8D2C1AC7F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:hpro200:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C59B3AAD-9A03-4AB3-ABA7-4EA738A9B4F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"id": "CVE-2002-1312",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-20T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"source": "cve@mitre.org",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0426
Vulnerability from fkie_nvd - Published: 2002-08-12 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DF7B3B-7080-4245-9593-C0D612237725",
"versionEndIncluding": "1.40.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys."
}
],
"id": "CVE-2002-0426",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8397.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8397.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4250"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-0309 (GCVE-0-2006-0309)
Vulnerability from cvelistv5 – Published: 2006-01-19 01:00 – Updated: 2024-08-07 16:34
VLAI?
Summary
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:13.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0309",
"datePublished": "2006-01-19T01:00:00",
"dateReserved": "2006-01-19T00:00:00",
"dateUpdated": "2024-08-07T16:34:13.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0580 (GCVE-0-2004-0580)
Vulnerability from cvelistv5 – Published: 2004-06-23 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li=",
"refsource": "CONFIRM",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10329"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0580",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-06-18T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0426 (GCVE-0-2002-0426)
Vulnerability from cvelistv5 – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8397.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8397.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip",
"refsource": "MISC",
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8397.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0426",
"datePublished": "2002-06-11T04:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0309 (GCVE-0-2006-0309)
Vulnerability from nvd – Published: 2006-01-19 01:00 – Updated: 2024-08-07 16:34
VLAI?
Summary
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:13.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0238"
},
{
"name": "20060117 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422266/100/0/threaded"
},
{
"name": "16307",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16307"
},
{
"name": "20060113 Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421929/100/0/threaded"
},
{
"name": "linksys-null-length-dos(24125)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24125"
},
{
"name": "1015490",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015490"
},
{
"name": "18461",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18461"
},
{
"name": "20060116 Re: Linksys VPN Router (BEFVP41) DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422064/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0309",
"datePublished": "2006-01-19T01:00:00",
"dateReserved": "2006-01-19T00:00:00",
"dateUpdated": "2024-08-07T16:34:13.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from nvd – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0580 (GCVE-0-2004-0580)
Vulnerability from nvd – Published: 2004-06-23 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li=",
"refsource": "CONFIRM",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10329"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0580",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-06-18T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0426 (GCVE-0-2002-0426)
Vulnerability from nvd – Published: 2002-06-11 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8397.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8397.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip",
"refsource": "MISC",
"url": "ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip"
},
{
"name": "20020308 Linksys BEFVP41 VPN Server does not follow proper VPN standards",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/260613"
},
{
"name": "4250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4250"
},
{
"name": "linksys-etherfast-weak-encryption(8397)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8397.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0426",
"datePublished": "2002-06-11T04:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}