PT-2003-2040 · Thomson · Thomson Tcw690+2

Murdok

Published

2003-12-31

Updated

2017-07-11

CVE-2003-1085

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Thomson TWC305 version ST42.03.0a Thomson TWC315 version ST42.03.0a Thomson TCW690 version ST42.03.0a

Description The issue allows remote attackers to cause unstable service, possibly due to a buffer overflow, by sending a long GET request to the HTTP server.

Recommendations For Thomson TWC305 version ST42.03.0a, restrict access to the HTTP server until a fix is available. For Thomson TWC315 version ST42.03.0a, limit the length of incoming GET requests to prevent unstable service. For Thomson TCW690 version ST42.03.0a, consider disabling the HTTP server as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-1085

Affected Products

Thomson Tcw690

Thomson Twc305

Thomson Twc315

PT-2003-2040 · Thomson · Thomson Tcw690+2

CVE-2003-1085

Related Identifiers

Affected Products

References · 12