PT-2002-2255 · Linksys · Linksys Befw11S4+3
Published
2002-11-20
·
Updated
2017-07-11
·
CVE-2002-1312
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
Linksys BEFW11S4 wireless access point router version prior to 1.43.3
Linksys BEFSR11 versions prior to 1.43.3
Linksys BEFSR41 versions prior to 1.43.3
Linksys BEFSRU31 versions prior to 1.43.3
Description:
The issue is related to a buffer overflow in the Web management interface of certain Linksys routers. This can be exploited by remote attackers to cause a denial of service, resulting in a router crash. The attack is possible when remote management is enabled and a long password is used.
Recommendations:
For Linksys BEFW11S4 wireless access point router version prior to 1.43.3, update the firmware to version 1.43.3 or later.
For Linksys BEFSR11 versions prior to 1.43.3, update the firmware to version 1.43.3 or later.
For Linksys BEFSR41 versions prior to 1.43.3, update the firmware to version 1.43.3 or later.
For Linksys BEFSRU31 versions prior to 1.43.3, update the firmware to version 1.43.3 or later.
As a temporary workaround, consider disabling remote management until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linksys Befsr11
Linksys Befsr41
Linksys Befsru31
Linksys Befw11S4