Search criteria
6 vulnerabilities by avm
CVE-2015-7242 (GCVE-0-2015-7242)
Vulnerability from cvelistv5 – Published: 2016-01-12 19:00 – Updated: 2024-08-06 07:43
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:45.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
},
{
"name": "20160107 [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537249/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
},
{
"name": "20160107 [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537249/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html"
},
{
"name": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt",
"refsource": "MISC",
"url": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt"
},
{
"name": "https://avm.de/service/sicherheitsinfos-zu-updates/",
"refsource": "CONFIRM",
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
},
{
"name": "20160107 [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537249/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7242",
"datePublished": "2016-01-12T19:00:00",
"dateReserved": "2015-09-18T00:00:00",
"dateUpdated": "2024-08-06T07:43:45.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8886 (GCVE-0-2014-8886)
Vulnerability from cvelistv5 – Published: 2016-01-08 20:00 – Updated: 2024-08-06 13:33
VLAI?
Summary
AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:11.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/12"
},
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537246/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-014"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135161/AVM-FRITZ-Box-Arbitrary-Code-Execution-Via-Firmware-Images.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/12"
},
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537246/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-014"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135161/AVM-FRITZ-Box-Arbitrary-Code-Execution-Via-Firmware-Images.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/12"
},
{
"name": "20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537246/100/0/threaded"
},
{
"name": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-014",
"refsource": "MISC",
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-014"
},
{
"name": "http://packetstormsecurity.com/files/135161/AVM-FRITZ-Box-Arbitrary-Code-Execution-Via-Firmware-Images.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135161/AVM-FRITZ-Box-Arbitrary-Code-Execution-Via-Firmware-Images.html"
},
{
"name": "https://avm.de/service/sicherheitsinfos-zu-updates/",
"refsource": "CONFIRM",
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8886",
"datePublished": "2016-01-08T20:00:00",
"dateReserved": "2014-11-14T00:00:00",
"dateUpdated": "2024-08-06T13:33:11.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9727 (GCVE-0-2014-9727)
Vulnerability from cvelistv5 – Published: 2015-05-29 15:00 – Updated: 2024-09-17 02:51
VLAI?
Summary
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Fritz%21Box-%E2%80%93-Remote-Command-Execution-Exploit-Attempt/"
},
{
"name": "33136",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/33136"
},
{
"name": "103289",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103289"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-29T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Fritz%21Box-%E2%80%93-Remote-Command-Execution-Exploit-Attempt/"
},
{
"name": "33136",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/33136"
},
{
"name": "103289",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103289"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Fritz!Box-%E2%80%93-Remote-Command-Execution-Exploit-Attempt/",
"refsource": "MISC",
"url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Fritz!Box-%E2%80%93-Remote-Command-Execution-Exploit-Attempt/"
},
{
"name": "33136",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33136"
},
{
"name": "103289",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103289"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9727",
"datePublished": "2015-05-29T15:00:00Z",
"dateReserved": "2015-05-29T00:00:00Z",
"dateUpdated": "2024-09-17T02:51:53.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0431 (GCVE-0-2007-0431)
Vulnerability from cvelistv5 – Published: 2007-01-23 02:00 – Updated: 2024-08-07 12:19
VLAI?
Summary
AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0387.html"
},
{
"name": "22130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22130"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS"
},
{
"name": "23868",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23868"
},
{
"name": "ADV-2007-0272",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0272"
},
{
"name": "20070123 Re: DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457829/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt"
},
{
"name": "fritzbox-udp-packet-dos(31633)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31633"
},
{
"name": "32940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32940"
},
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457406/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0387.html"
},
{
"name": "22130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22130"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS"
},
{
"name": "23868",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23868"
},
{
"name": "ADV-2007-0272",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0272"
},
{
"name": "20070123 Re: DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457829/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt"
},
{
"name": "fritzbox-udp-packet-dos(31633)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31633"
},
{
"name": "32940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32940"
},
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457406/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0387.html"
},
{
"name": "22130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22130"
},
{
"name": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS",
"refsource": "MISC",
"url": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS"
},
{
"name": "23868",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23868"
},
{
"name": "ADV-2007-0272",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0272"
},
{
"name": "20070123 Re: DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457829/100/0/threaded"
},
{
"name": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt"
},
{
"name": "fritzbox-udp-packet-dos(31633)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31633"
},
{
"name": "32940",
"refsource": "OSVDB",
"url": "http://osvdb.org/32940"
},
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457406/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0431",
"datePublished": "2007-01-23T02:00:00",
"dateReserved": "2007-01-22T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0261 (GCVE-0-2000-0261)
Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1282",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1282"
},
{
"name": "1103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root%40web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1282",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1282"
},
{
"name": "1103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root%40web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1282",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1282"
},
{
"name": "1103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root@web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0261",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0262 (GCVE-0-2000-0262)
Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root%40web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root%40web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1103"
},
{
"name": "20000418 AVM\u0027s Statement",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=383085010.956159226625.JavaMail.root@web305-mc.mail.com"
},
{
"name": "20000415 (no subject)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0262",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}