VAR-200212-0296
Vulnerability from variot - Updated: 2023-12-18 13:41Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. HTTP service programs are embedded in wireless access point devices from multiple vendors.
The embedded HTTP service program in the wireless access point devices of multiple manufacturers does not handle the long HTTP requests correctly. Remote attackers can use this vulnerability to conduct denial of service attacks on wireless access devices.
An attacker can send a malformed HTTP request that contains the Host: field with too many strings, which can cause the device to stop responding to normal communications and cause a denial of service. A device restart is required to restore normal functionality.
Although not confirmed, it should be caused by a buffer overflow, and there may be an opportunity to execute arbitrary instructions on the system with the permissions of the WEB process. An attacker can exploit this vulnerability to cause the device to stop functioning. Although not yet confirmed, it has been speculated that this issue is a result of a buffer overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0296",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-804",
"scope": "eq",
"trust": 1.9,
"vendor": "d link",
"version": "4.68"
},
{
"model": "dl-704",
"scope": "eq",
"trust": 1.6,
"vendor": "d link",
"version": "2.56_b6"
},
{
"model": "dl-704",
"scope": "eq",
"trust": 1.6,
"vendor": "d link",
"version": "2.56_b5"
},
{
"model": "wap11",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.2"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.2b"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37.9b"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.3"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "dl-704 b6",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.56"
},
{
"model": "dl-704 b5",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.56"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:d-link:di-804:4.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:d-link:dl-704:2.56_b5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.4.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.40.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.42.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wap11:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:wap11:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:d-link:dl-704:2.56_b6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:linksys:befw11s4:1.37.9b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mark Litchfield\u203b mark@ngssoftware.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1865",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6248",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1865",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-477",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6248",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. HTTP service programs are embedded in wireless access point devices from multiple vendors. \n\n\u00a0The embedded HTTP service program in the wireless access point devices of multiple manufacturers does not handle the long HTTP requests correctly. Remote attackers can use this vulnerability to conduct denial of service attacks on wireless access devices. \n\n\u00a0An attacker can send a malformed HTTP request that contains the Host: field with too many strings, which can cause the device to stop responding to normal communications and cause a denial of service. A device restart is required to restore normal functionality. \n\n\u00a0Although not confirmed, it should be caused by a buffer overflow, and there may be an opportunity to execute arbitrary instructions on the system with the permissions of the WEB process. An attacker can exploit this vulnerability to cause the device to stop functioning. \nAlthough not yet confirmed, it has been speculated that this issue is a result of a buffer overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "VULHUB",
"id": "VHN-6248"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6248",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1865",
"trust": 2.3
},
{
"db": "BID",
"id": "6090",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-3972",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3765",
"trust": 0.6
},
{
"db": "XF",
"id": "10537",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20021101 RE: IDEFENSE DOS IN LINKSYS BEFSR41 ETHERFAST CABLE/DSL ROUTER + MORE ISSUES DLINK \u0026 LINKSYS",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75793",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21978",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6248",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"id": "VAR-200212-0296",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:41:03.390000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1865"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6090"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0052.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10537.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3765"
},
{
"trust": 0.3,
"url": "http://www1.linksys.com/products/product.asp?grid=34\u0026scid=29\u0026prid=607"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.d-link.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"db": "VULHUB",
"id": "VHN-6248"
},
{
"db": "BID",
"id": "6090"
},
{
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6248"
},
{
"date": "2002-11-01T00:00:00",
"db": "BID",
"id": "6090"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"date": "2002-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3972"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6248"
},
{
"date": "2002-11-01T00:00:00",
"db": "BID",
"id": "6090"
},
{
"date": "2008-09-05T20:31:42.933000",
"db": "NVD",
"id": "CVE-2002-1865"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Remote Denial of Service Attack Vulnerability in HTTP Servers Embedded in Wireless Access Points from Multiple Vendors",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3972"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6090"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-477"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…