CVE-2002-0109 (GCVE-0-2002-0109)

Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:35:17.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3795",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3795"
          },
          {
            "name": "3797",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3797"
          },
          {
            "name": "linksys-etherfast-default-snmp(7827)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/7827.php"
          },
          {
            "name": "20020106 Linksys \u0027routers\u0027, SNMP issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string \"public,\" which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "3795",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3795"
        },
        {
          "name": "3797",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3797"
        },
        {
          "name": "linksys-etherfast-default-snmp(7827)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/7827.php"
        },
        {
          "name": "20020106 Linksys \u0027routers\u0027, SNMP issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0109",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string \"public,\" which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3795",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3795"
            },
            {
              "name": "3797",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3797"
            },
            {
              "name": "linksys-etherfast-default-snmp(7827)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/7827.php"
            },
            {
              "name": "20020106 Linksys \u0027routers\u0027, SNMP issues",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0109",
    "datePublished": "2002-03-15T05:00:00",
    "dateReserved": "2002-03-15T00:00:00",
    "dateUpdated": "2024-08-08T02:35:17.595Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:linksys:befn2ps4:0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42DB1FD4-FF20-4298-8426-E51741BFE981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:linksys:befsr41:0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8D27E11-B802-433D-98A0-2A6F9C9CB5DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF867F97-F14F-4056-B0C8-A72E2FE2E74D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string \\\"public,\\\" which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.\"}, {\"lang\": \"es\", \"value\": \"Los routers Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81, y posiblemente otros productos, permiten a atacantes remotos obterner informaci\\u00f3n sensible y provocar una denegaci\\u00f3n de servicio mediante una consulta SNMP con la cadena de comunidad por defecto \\\"public,\\\" lo que provoca que el router cambie su configuraci\\u00f3n y envie informaci\\u00f3n de trampa SNMP de vuelta al sistema que inici\\u00f3 la consulta.\"}]",
      "id": "CVE-2002-0109",
      "lastModified": "2024-11-20T23:38:19.903",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:P\", \"baseScore\": 6.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2002-03-25T05:00:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.iss.net/security_center/static/7827.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/3795\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/3797\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.iss.net/security_center/static/7827.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/3795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/3797\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-0109\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-03-25T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string \\\"public,\\\" which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.\"},{\"lang\":\"es\",\"value\":\"Los routers Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81, y posiblemente otros productos, permiten a atacantes remotos obterner informaci\u00f3n sensible y provocar una denegaci\u00f3n de servicio mediante una consulta SNMP con la cadena de comunidad por defecto \\\"public,\\\" lo que provoca que el router cambie su configuraci\u00f3n y envie informaci\u00f3n de trampa SNMP de vuelta al sistema que inici\u00f3 la consulta.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:linksys:befn2ps4:0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42DB1FD4-FF20-4298-8426-E51741BFE981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:linksys:befsr41:0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8D27E11-B802-433D-98A0-2A6F9C9CB5DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF867F97-F14F-4056-B0C8-A72E2FE2E74D\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.iss.net/security_center/static/7827.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/3795\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/3797\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=101039288111680\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.iss.net/security_center/static/7827.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/3795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/3797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.