Search criteria
14 vulnerabilities found for befw11s4 by linksys
VAR-200212-0296
Vulnerability from variot - Updated: 2023-12-18 13:41Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. HTTP service programs are embedded in wireless access point devices from multiple vendors.
The embedded HTTP service program in the wireless access point devices of multiple manufacturers does not handle the long HTTP requests correctly. Remote attackers can use this vulnerability to conduct denial of service attacks on wireless access devices.
An attacker can send a malformed HTTP request that contains the Host: field with too many strings, which can cause the device to stop responding to normal communications and cause a denial of service. A device restart is required to restore normal functionality.
Although not confirmed, it should be caused by a buffer overflow, and there may be an opportunity to execute arbitrary instructions on the system with the permissions of the WEB process. An attacker can exploit this vulnerability to cause the device to stop functioning. Although not yet confirmed, it has been speculated that this issue is a result of a buffer overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0296",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-804",
"scope": "eq",
"trust": 1.9,
"vendor": "d link",
"version": "4.68"
},
{
"model": "dl-704",
"scope": "eq",
"trust": 1.6,
"vendor": "d link",
"version": "2.56_b6"
},
{
"model": "dl-704",
"scope": "eq",
"trust": 1.6,
"vendor": "d link",
"version": "2.56_b5"
},
{
"model": "wap11",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.2"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.2b"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.9b"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.3"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "dl-704 b6",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.56"
},
{
"model": "dl-704 b5",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.56"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:d-link:di-804:4.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:d-link:dl-704:2.56_b5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.40.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wap11:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wap11:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:d-link:dl-704:2.56_b6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.9b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mark Litchfield\u203b mark@ngssoftware.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1865",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6248",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1865",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-477",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6248",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. HTTP service programs are embedded in wireless access point devices from multiple vendors. \n\n\u00a0The embedded HTTP service program in the wireless access point devices of multiple manufacturers does not handle the long HTTP requests correctly. Remote attackers can use this vulnerability to conduct denial of service attacks on wireless access devices. \n\n\u00a0An attacker can send a malformed HTTP request that contains the Host: field with too many strings, which can cause the device to stop responding to normal communications and cause a denial of service. A device restart is required to restore normal functionality. \n\n\u00a0Although not confirmed, it should be caused by a buffer overflow, and there may be an opportunity to execute arbitrary instructions on the system with the permissions of the WEB process. An attacker can exploit this vulnerability to cause the device to stop functioning. \nAlthough not yet confirmed, it has been speculated that this issue is a result of a buffer overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "VULHUB",
"id": "VHN-6248"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6248",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1865",
"trust": 2.3
},
{
"db": "BID",
"id": "6090",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-3972",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3765",
"trust": 0.6
},
{
"db": "XF",
"id": "10537",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20021101 RE: IDEFENSE DOS IN LINKSYS BEFSR41 ETHERFAST CABLE/DSL ROUTER + MORE ISSUES DLINK \u0026 LINKSYS",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75793",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21978",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6248",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"id": "VAR-200212-0296",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:41:03.390000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6090"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3765"
},
{
"trust": 0.3,
"url": "http://www1.linksys.com/products/product.asp?grid=34\u0026scid=29\u0026prid=607"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.d-link.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6248"
},
{
"date": "2002-11-01T00:00:00",
"db": "BID",
"id": "6090"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"date": "2002-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6248"
},
{
"date": "2002-11-01T00:00:00",
"db": "BID",
"id": "6090"
},
{
"date": "2008-09-05T20:31:42.933000",
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Remote Denial of Service Attack Vulnerability in HTTP Servers Embedded in Wireless Access Points from Multiple Vendors",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6090"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.9
}
}
VAR-200211-0060
Vulnerability from variot - Updated: 2023-12-18 13:31Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces.
The router's WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device.
An attacker can submit a request with a password field containing a long string to the router's WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function.
The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. Rebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200211-0060",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "hpro200",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr81 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:hpro200:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex S. Harasic\u203b aharasic@terra.cl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-15339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5697",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1312",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5697",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces. \n\n\u00a0The router\u0027s WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device. \n\n\u00a0An attacker can submit a request with a password field containing a long string to the router\u0027s WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function. \n\n\u00a0The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. \nRebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1312",
"trust": 2.6
},
{
"db": "BID",
"id": "6301",
"trust": 2.6
},
{
"db": "BID",
"id": "6208",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-4108",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20021119 DENIAL OF SERVICE VULNERABILITY IN LINKSYS CABLE/DSL ROUTERS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021202 CORE-20021005: VULNERABILITY REPORT FOR LINKSYS DEVICES",
"trust": 0.6
},
{
"db": "XF",
"id": "10654",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5697",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"id": "VAR-200211-0060",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"last_update_date": "2023-12-18T13:31:06.545000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Multiple Linksys Device GET Request Remote Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41776"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6208"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6301"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 1.6,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103893609009727\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/10654"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.evansconforti.com/befw11s4"
},
{
"trust": 0.3,
"url": "/archive/1/300836"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
},
{
"trust": 0.1,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026amp;idxseccion=10"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2002-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2002-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2002-11-20T00:00:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2002-11-20T05:00:00",
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"date": "2002-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2013-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2009-07-11T19:16:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2017-07-11T01:29:13.570000",
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Linksys Device Password Field Buffer Overflow Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 1.2
}
}
VAR-200512-0266
Vulnerability from variot - Updated: 2023-12-18 13:30Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Multiple Linksys devices are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users. Linksys BEFW11S4 and WRT54GS devices are reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54gs",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "4.70.6"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "4.50.6"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befw11s4 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befw11s4 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befw11s4 v4",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4 v3",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
}
],
"sources": [
{
"db": "BID",
"id": "15861"
},
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.43.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4_v3:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54gs:4.70.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54gs:4.50.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4_v4:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4257"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Justin M. Wray",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
],
"trust": 0.6
},
"cve": "CVE-2005-4257",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-15465",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-4257",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-315",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-15465",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15465"
},
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Multiple Linksys devices are prone to a denial of service vulnerability. \nThese devices are susceptible to a remote denial of service vulnerability when handling TCP \u0027LanD\u0027 packets. \nThis issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users. \nLinksys BEFW11S4 and WRT54GS devices are reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "BID",
"id": "15861"
},
{
"db": "VULHUB",
"id": "VHN-15465"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "15861",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2005-4257",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-15465",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15465"
},
{
"db": "BID",
"id": "15861"
},
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"id": "VAR-200512-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-15465"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:30:55.570000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4257"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/15861"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/servlet/satellite?childpagename=us%2flayout\u0026packedargs=c%3dl_product_c2%26cid%3d1115416825841%26site%3dus\u0026pagename=linksys%2fcommon%2fvisitorwrapper"
},
{
"trust": 0.3,
"url": "/archive/1/419520"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15465"
},
{
"db": "BID",
"id": "15861"
},
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-15465"
},
{
"db": "BID",
"id": "15861"
},
{
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-15465"
},
{
"date": "2005-12-14T00:00:00",
"db": "BID",
"id": "15861"
},
{
"date": "2005-12-15T11:03:00",
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"date": "2005-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-15465"
},
{
"date": "2005-12-14T00:00:00",
"db": "BID",
"id": "15861"
},
{
"date": "2008-09-05T20:56:25.753000",
"db": "NVD",
"id": "CVE-2005-4257"
},
{
"date": "2005-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Various Linksys Router LanD Packet denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-315"
}
],
"trust": 0.6
}
}
VAR-200603-0053
Vulnerability from variot - Updated: 2023-12-18 12:47Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. Linksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200603-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54g v5",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wrt54g v5",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wgt624",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.25"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.24"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.22"
},
{
"model": "rt-338",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.4"
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834g",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834 adsl firewall router",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "publisher 3f",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20021.40"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.70.6"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.50.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.20.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.0.7"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.3.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.1.3"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.4.4"
},
{
"model": "wrt54g beta",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.02.8"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.2"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wrt54g v5",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54g_v5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ryanmeyer14@netscape.net discovered this issue. Both ryanmeyer14@netscape.net and \"Cade Cairns\" \u003ccairnsc@gmail.com\u003e disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.9
},
"cve": "CVE-2006-1067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-1318",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17175",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1067",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17175",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. \nThis issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. \nLinksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1067",
"trust": 2.8
},
{
"db": "BID",
"id": "16954",
"trust": 2.6
},
{
"db": "BUGTRAQ",
"id": "20060306 RE: LINKSYS ROUTER + IRC DOS",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20060304 VARIOUS ROUTER DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060303 LINKSYS ROUTER + IRC DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "25230",
"trust": 0.6
},
{
"db": "IVD",
"id": "CCDF0954-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-17175",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"id": "VAR-200603-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.5009907
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
]
},
"last_update_date": "2023-12-18T12:47:09.542000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/16954"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/426863/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.hm2k.org/news/1141413208.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426761/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426756/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426934/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25230"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426934/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426761/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426756/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25230"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/product.asp?prid=508\u0026scid=35"
},
{
"trust": 0.3,
"url": "/archive/1/426761"
},
{
"trust": 0.3,
"url": "/archive/1/426756"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2006-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2006-03-04T00:00:00",
"db": "BID",
"id": "16954"
},
{
"date": "2006-03-07T22:06:00",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "16954"
},
{
"date": "2018-10-18T16:30:32.073000",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G Multiple router denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.8
}
}
VAR-200211-0078
Vulnerability from variot - Updated: 2022-05-17 01:59The Linksys router is a router for small and medium businesses. Linksys routers have security issues that can be exploited by remote attackers to access Linksys routers to view and change configuration data. During the initialization phase of the client and Linksys router management service program (internal interface TCP port 8080), the program incorrectly processes the XML-related data submitted by the client, which may cause an attacker to use the Lynx browser to connect to the internal management interface, and when \"application/ When there is a mailcap entry in foo.xml\", administrative access authentication can be bypassed without password viewing and changing router configuration data. It is still unclear why the vulnerability occurred. Reportedly, the authentication mechanism can be bypassed by requesting a .XML page. This feature is required for UPnP functionality but is not disabled when UPnP support is disabled. This is due to a flaw in the firmware when parsing requests for .XML pages. It has also been reported that firmware revision 1.43.3 only partially fixes this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200211-0078",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"db": "BID",
"id": "6201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to Seth Bromberger \u003csbbugtraq1102@yahoo.com\u003e.",
"sources": [
{
"db": "BID",
"id": "6201"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-15156",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-15156",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Linksys router is a router for small and medium businesses. Linksys routers have security issues that can be exploited by remote attackers to access Linksys routers to view and change configuration data. During the initialization phase of the client and Linksys router management service program (internal interface TCP port 8080), the program incorrectly processes the XML-related data submitted by the client, which may cause an attacker to use the Lynx browser to connect to the internal management interface, and when \\\"application/ When there is a mailcap entry in foo.xml\\\", administrative access authentication can be bypassed without password viewing and changing router configuration data. It is still unclear why the vulnerability occurred. \nReportedly, the authentication mechanism can be bypassed by requesting a .XML page. This feature is required for UPnP functionality but is not disabled when UPnP support is disabled. This is due to a flaw in the firmware when parsing requests for .XML pages. \nIt has also been reported that firmware revision 1.43.3 only partially fixes this vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"db": "BID",
"id": "6201"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6201",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-15156",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"db": "BID",
"id": "6201"
}
]
},
"id": "VAR-200211-0078",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
}
]
},
"last_update_date": "2022-05-17T01:59:14.764000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys Router does not authorize patches for managing access vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41714"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103767638823941\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/download/"
},
{
"trust": 0.3,
"url": "/archive/1/300402"
},
{
"trust": 0.3,
"url": "/archive/1/300836"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"db": "BID",
"id": "6201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"db": "BID",
"id": "6201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"date": "2002-11-18T00:00:00",
"db": "BID",
"id": "6201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15156"
},
{
"date": "2002-11-18T00:00:00",
"db": "BID",
"id": "6201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "6201"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys Router is not authorized to manage access vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15156"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "6201"
}
],
"trust": 0.3
}
}
FKIE_CVE-2005-4257
Vulnerability from fkie_nvd - Published: 2005-12-15 11:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42622989-F386-4C7F-8F64-7C792075D980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F83131C-CE9B-4695-BF3D-A8D2C1AC7F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF81DAA9-0925-4BEB-B8B0-1B4BB075DBE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD7A2F3-5720-4BB6-BC2C-DF1073A58F2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4_v3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E88C1-8695-4836-BADA-D3F25F6DFF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4_v4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78BE65FC-259C-4AF2-AA4D-05F222BC7999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54gs:4.50.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9761BB51-0CF6-45BE-9DF2-8953AB32CFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54gs:4.70.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1CDA3F-F8BB-4B4E-BFAE-2E091A308CE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
},
{
"lang": "es",
"value": "Linksys WRT54GS y BEFW11S4 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) mediante un paquete IP con los mismos IPs y puertos de origen y destino, y con la bandera SYN establecida (tcc LAND). NOTA: La proveniencia de esta cuesti\u00f3n es desconocida, los detalles son obtenidos exclusivamente de BID."
}
],
"id": "CVE-2005-4257",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-15T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15861"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1865
Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:d-link:di-804:4.68:*:*:*:*:*:*:*",
"matchCriteriaId": "682B925F-6936-473E-B567-401248F9E450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:d-link:dl-704:2.56_b5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E526B60-E8B4-4D52-A9D4-DFAD64422AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:d-link:dl-704:2.56_b6:*:*:*:*:*:*:*",
"matchCriteriaId": "CDABE9BE-EB0D-4AC9-8916-C5E1C5365011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42622989-F386-4C7F-8F64-7C792075D980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.37.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2303BCE5-C79C-470E-A1C8-89BCEF555669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.37.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "071EE444-052C-4FF9-83E6-D3E6C42F0448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.37.9b:*:*:*:*:*:*:*",
"matchCriteriaId": "26CFCACD-B22F-4CD3-A1A5-D70AEB7A58E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.40.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E62382-218A-4F2A-828F-85A8DE1867DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "581EDB94-7607-432B-8FD0-8FB8FB587F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wap11:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B03C2B-DAB8-4BB2-BDAC-66340134B5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wap11:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F357B531-7BA8-4081-A689-C56730F7F2CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header."
}
],
"id": "CVE-2002-1865",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6090"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1312
Vulnerability from fkie_nvd - Published: 2002-11-20 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | befn2ps4 | 1.42.7 | |
| linksys | befsr11 | 1.42.7 | |
| linksys | befsr11 | 1.43 | |
| linksys | befsr41 | 1.42.7 | |
| linksys | befsr41 | 1.43 | |
| linksys | befsr81 | 2.42.7.1 | |
| linksys | befsru31 | 1.42.7 | |
| linksys | befsru31 | 1.43 | |
| linksys | befsx41 | 1.42.7 | |
| linksys | befvp41 | 1.42.7 | |
| linksys | befw11s4 | 1.4.2.7 | |
| linksys | befw11s4 | 1.4.3 | |
| linksys | hpro200 | 1.42.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FFAA33-12EC-40E4-9A34-DDB95A77A63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F5E5AA-6469-4405-BDE9-AD4D174A1A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA4C23A-598A-4B11-BD78-39EA55E0E6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "525E00CA-DEEA-410F-A90C-C73C8D304E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6337002A-EA1A-47A9-B4A5-E3EECD859C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5B40A4-E7CA-4BDD-899E-3693129D347E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "958AF49D-FB97-476F-B8DF-5A760F72DBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E80E4BFD-DB4D-4574-A0F6-15881A66F308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6353EE40-1C83-4A1A-836F-6716D95A5A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56484A79-0B44-439F-A64B-B55660E0C7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42622989-F386-4C7F-8F64-7C792075D980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befw11s4:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F83131C-CE9B-4695-BF3D-A8D2C1AC7F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:hpro200:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C59B3AAD-9A03-4AB3-ABA7-4EA738A9B4F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"id": "CVE-2002-1312",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-20T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"source": "cve@mitre.org",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2005-4257 (GCVE-0-2005-4257)
Vulnerability from cvelistv5 – Published: 2005-12-15 11:00 – Updated: 2024-09-17 03:27
VLAI?
Summary
Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15861",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-15T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15861",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4257",
"datePublished": "2005-12-15T11:00:00Z",
"dateReserved": "2005-12-15T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:43.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1865 (GCVE-0-2002-1865)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-09-17 02:17
VLAI?
Summary
Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1865",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T02:17:04.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4257 (GCVE-0-2005-4257)
Vulnerability from nvd – Published: 2005-12-15 11:00 – Updated: 2024-09-17 03:27
VLAI?
Summary
Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15861",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-15T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15861",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4257",
"datePublished": "2005-12-15T11:00:00Z",
"dateReserved": "2005-12-15T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:43.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1865 (GCVE-0-2002-1865)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-09-17 02:17
VLAI?
Summary
Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6090"
},
{
"name": "ap-embedded-http-dos(10537)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"name": "20021101 Re: IDEFENSE DOS in Linksys BEFSR41 EtherFast Cable/DSL Router + More issues DLINK \u0026 LINKSYS",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1865",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T02:17:04.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from nvd – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}