Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2424

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2424
Last Modified 05 Sep 2008 04:51:43
Published 03 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2424

Summary

The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze.

Vulnerable Systems


References

MISC - http://www.securenetwork.it/advisories/

XF - santis50-packet-gain-access(21552)

BID - 14372

OSVDB - 18294

SECUNIA - 16215

BUGTRAQ - 20050725 Siemens SANTIS 50 Authentication Vulnerability


Last Updated: 27 May 2016 10:40:31