FKIE_CVE-2004-0580
Vulnerability from fkie_nvd - Published: 2004-08-06 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befcmu10:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90DA95A3-DF00-411F-8582-60CB737BA116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C888358-9CF4-4D5B-AAC0-7E606978C00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FFAA33-12EC-40E4-9A34-DDB95A77A63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC087D32-60A2-48AD-8DD3-1088C641F880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2B43B5-0083-4F71-BD69-9EA4C0AE1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F69304C-DC53-4782-AEE0-E575B44FF56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F5E5AA-6469-4405-BDE9-AD4D174A1A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA4C23A-598A-4B11-BD78-39EA55E0E6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26EE9DDF-2DCD-4432-A513-84AE9BCE94C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr11:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A867E8-F2ED-4772-BB5A-C50FFBA1B448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A52F18C5-6D00-493C-B38F-D6695670357F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7E417D-3751-4FCF-AECC-7601F77198E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "127E79AF-33BE-485E-B4A3-058ECC898E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.38.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49FC600-D1E3-4233-AC8A-DBFA87D2138D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "A0754C5C-166A-4084-A4A5-510AAC1AC6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "858C8B66-8FF4-4A1E-9B2D-363AC169467E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "048E48C6-6A62-4E64-A69C-0F7B872AA121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FAD3B2-69ED-451F-9CD2-6B552E962B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "525E00CA-DEEA-410F-A90C-C73C8D304E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6337002A-EA1A-47A9-B4A5-E3EECD859C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E88F34EA-AFCF-4CED-A7A4-9C76309E90E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "C5219F89-4CB8-4239-A7C2-1E869E931777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41:1.45.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC6E599-5026-4580-B94F-6DD33E0952DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr41w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC1F57E-2E8F-419C-8725-18208B8C1874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF867F97-F14F-4056-B0C8-A72E2FE2E74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5B40A4-E7CA-4BDD-899E-3693129D347E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsr81:2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "7142F135-C45C-4737-BDBB-1CCF2A1827EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "914AC3F4-064A-47A6-B707-00FCC0607761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "44405B42-D7AD-42E3-BD17-A619936DC02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9209ABC6-7DAA-46CE-8F59-2F9430FF2491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "958AF49D-FB97-476F-B8DF-5A760F72DBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E80E4BFD-DB4D-4574-A0F6-15881A66F308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67CC8982-FF47-45CF-8861-AD2F5A8D0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsru31:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "892159A1-620C-413A-ADE5-205B12E5E080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6353EE40-1C83-4A1A-836F-6716D95A5A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "2704FB57-AC43-4C92-B038-8C226C8A47B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD7A706-C379-4D56-97CA-88D3F76D4EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.43.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0F2944-C902-4652-85FA-9223773D53DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "90E9B1CD-FFC1-4318-BB31-6753DEF73D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.44.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EFD70A-34B4-4F27-9377-A665505895D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befsx41:1.45.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B23D8CA-A966-4E23-B6D2-4E7AAD239543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A513272D-E013-498F-8582-0645DB3366F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.39.64:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADD86DE-4495-4C95-9C32-294442915A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.40.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB5F870-AE5C-4B0E-AEEA-335A990E6EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.40.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C359F33C-D4B0-4C22-8CEE-86F6FE8A1987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56484A79-0B44-439F-A64B-B55660E0C7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:rv082:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88647EC9-AD63-4643-B1B9-C0C224E6F93B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wap55ag:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "935294D7-41A5-4E47-A168-A908E61CADCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC73D9-CBB8-4683-BB21-3AA0F9468F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF3AB9D-CE52-42CF-9FD7-ECB83495C3AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
},
{
"lang": "es",
"value": "DHCP en los encaminadores de cable y ADSL Linksys BEFSR11, BEFSR41, BEFSR81 y BEFSRU31, con versi\u00f3n de firmware 1.45.7, no limpia adecuadamente b\u00faferes usados anteriormente en un paquete de respueta BOOTP, lo que permite a atacantes remotos obtener informaci\u00f3n sensible."
}
],
"id": "CVE-2004-0580",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11606"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6325"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10329"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…