Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4733

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4733
Last Modified 15 Nov 2008 01:58:20
Published 06 Sep 2007 03:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4733

Summary

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077.

Vulnerable Systems


References

BUGTRAQ - 20070830 Aztech router DSL600EU IP and ARP spoof

SECTRACK - 1018641

OSVDB - 45877

SREASON - 3093


Last Updated: 27 May 2016 10:45:57