PT-2004-1679 · Linksys · Linksys Befsr81+3

Lance Armstrong

Publicado

2004-06-23

Atualizado

2018-08-13

CVE-2004-0580

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers version 1.45.7

Description The issue concerns the DHCP service on certain Linksys Cable/DSL Routers. It does not properly clear previously used buffer contents in a BOOTP reply packet. This allows remote attackers to obtain sensitive information.

Recommendations For version 1.45.7, consider updating the firmware to a newer version that addresses this issue, as the current version does not properly handle buffer contents in BOOTP reply packets.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-0580

Produtos afetados

Linksys Befsr11

Linksys Befsr41

Linksys Befsr81

Linksys Befsru31

PT-2004-1679 · Linksys · Linksys Befsr81+3

CVE-2004-0580

Identificadores relacionados

Produtos afetados

Referências · 9