Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0580

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0580
Last Modified 10 Sep 2008 03:26:52
Published 06 Aug 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0580

Summary

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

Vulnerable Systems


References

XF - linksys-etherfast-bootp-dos(16142)

BID - 10329

BUGTRAQ - 20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data

CONFIRM - http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832&p_%20\created=1086294093&p_sid=pU1X1idh&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*&p_li=

OSVDB - 6325

SECTRACK - 1010288

SECUNIA - 11606


Last Updated: 27 May 2016 10:38:39