Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2914

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2914
Last Modified 05 Sep 2008 04:52:58
Published 14 Sep 2005 05:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2914

Summary

ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.

Vulnerable Systems


References

IDEFENSE - 20050913 Linksys WRT54G Router Remote Administration Fixed Encryption Key Vulnerability


Last Updated: 27 May 2016 10:40:40