Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1069

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1069
Last Modified 05 Sep 2008 04:29:42
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1069

Summary

The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information.

Vulnerable Systems


References

BID - 5553

BID - 5544

XF - dlink-admin-device-information(9969)

XF - dlink-admin-dhcp-release(9967)

BUGTRAQ - 20020822 possible exploit: D-Link DI-804 unauthorized DHCP release from WAN

BUGTRAQ - 20020822 Re: possible exploit: D-Link DI-804 unauthorized DHCP release


Last Updated: 27 May 2016 10:37:11