Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1252

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-1252
Last Modified 05 Sep 2008 05:37:14
Published 10 Mar 2008 01:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1252

Summary

b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.

Vulnerable Systems


References

BUGTRAQ - 20080301 The Router Hacking Challenge is Over!

MISC - http://www.gnucitizen.org/projects/router-hacking-challenge/

XF - speedport-w500-bbanner-info-disclosure(41128)

BID - 28382

SECUNIA - 29414


Last Updated: 27 May 2016 10:47:05