Details of VAR-200005-0061

ID

VAR-200005-0061

CVE

CVE-2000-0417

TITLE

Cayman 3220-H DSL Router DoS Vulnerability

Trust: 0.9

sources: BID: 1219 // CNNVD: CNNVD-200005-066

DESCRIPTION

The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password. Router log will show "restart not in response to admin command". Cayman 3220-H DS has a vulnerability in the HTTP management interface

Trust: 2.07

sources: NVD: CVE-2000-0417 // CERT/CC: VU#36312 // BID: 1219 // VULHUB: VHN-1996 // VULMON: CVE-2000-0417

AFFECTED PRODUCTS

vendor:	cayman	model:	3220-h dsl router	scope:	eq	version:	1.0	Trust: 1.9
vendor:	cayman	model:	gatorsurf	scope:	eq	version:	5.5build_r0	Trust: 1.6
vendor:	cayman	model:	gatorsurf	scope:	eq	version:	5.3build_r2	Trust: 1.6
vendor:	cayman	model:	gatorsurf	scope:	eq	version:	5.3build_r1	Trust: 1.6
vendor:	cayman	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cayman	model:	gatorsurf build r0	scope:	eq	version:	5.5	Trust: 0.3
vendor:	cayman	model:	gatorsurf build r2	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cayman	model:	gatorsurf build r1	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cayman	model:	gatorsurf build r1	scope:	ne	version:	5.5	Trust: 0.3

sources: CERT/CC: VU#36312 // BID: 1219 // CNNVD: CNNVD-200005-066 // NVD: CVE-2000-0417

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2000-0417
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#36312
value:	3.59
Trust: 0.8
CNNVD:	CNNVD-200005-066
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-1996
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2000-0417
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2000-0417
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-1996
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#36312 // VULHUB: VHN-1996 // VULMON: CVE-2000-0417 // CNNVD: CNNVD-200005-066 // NVD: CVE-2000-0417

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0417

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200005-066

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200005-066

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1996 // VULMON: CVE-2000-0417

EXTERNAL IDS

db:	BID	id:	1219	Trust: 2.9
db:	NVD	id:	CVE-2000-0417	Trust: 1.8
db:	CERT/CC	id:	VU#36312	Trust: 0.9
db:	CNNVD	id:	CNNVD-200005-066	Trust: 0.7
db:	BUGTRAQ	id:	20000505 CAYMAN 3220-H DSL ROUTER DOS	Trust: 0.6
db:	BUGTRAQ	id:	20000523 CAYMAN 3220H DSL ROUTER SOFTWARE UPDATE AND NEW BONUS ATTACK	Trust: 0.6
db:	EXPLOIT-DB	id:	19923	Trust: 0.2
db:	SEEBUG	id:	SSVID-73830	Trust: 0.1
db:	VULHUB	id:	VHN-1996	Trust: 0.1
db:	VULMON	id:	CVE-2000-0417	Trust: 0.1

sources: CERT/CC: VU#36312 // VULHUB: VHN-1996 // VULMON: CVE-2000-0417 // BID: 1219 // CNNVD: CNNVD-200005-066 // NVD: CVE-2000-0417

REFERENCES

url:	http://www.securityfocus.com/bid/1219	Trust: 2.6
url:	http://archives.neohapsis.com/archives/bugtraq/2000-05/0075.html	Trust: 1.8
url:	http://archives.neohapsis.com/archives/bugtraq/2000-05/0280.html	Trust: 1.8
url:	http://www.securityfocus.com/archive/1/58800	Trust: 0.8
url:	-	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/19923/	Trust: 0.1
url:	https://www.kb.cert.org/vuls/id/36312	Trust: 0.1

sources: CERT/CC: VU#36312 // VULHUB: VHN-1996 // VULMON: CVE-2000-0417 // CNNVD: CNNVD-200005-066 // NVD: CVE-2000-0417

CREDITS

Posted to BugTraq on May 5, 2000 by cassius@hushmail.com

Trust: 0.9

sources: BID: 1219 // CNNVD: CNNVD-200005-066

SOURCES

db:	CERT/CC	id:	VU#36312
db:	VULHUB	id:	VHN-1996
db:	VULMON	id:	CVE-2000-0417
db:	BID	id:	1219
db:	CNNVD	id:	CNNVD-200005-066
db:	NVD	id:	CVE-2000-0417

LAST UPDATE DATE

2024-08-14T14:01:00.460000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#36312	date:	2001-08-27T00:00:00
db:	VULHUB	id:	VHN-1996	date:	2008-09-10T00:00:00
db:	VULMON	id:	CVE-2000-0417	date:	2008-09-10T00:00:00
db:	BID	id:	1219	date:	2000-05-17T00:00:00
db:	CNNVD	id:	CNNVD-200005-066	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2000-0417	date:	2008-09-10T19:04:36.897

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#36312	date:	2001-08-27T00:00:00
db:	VULHUB	id:	VHN-1996	date:	2000-05-17T00:00:00
db:	VULMON	id:	CVE-2000-0417	date:	2000-05-17T00:00:00
db:	BID	id:	1219	date:	2000-05-17T00:00:00
db:	CNNVD	id:	CNNVD-200005-066	date:	2000-05-17T00:00:00
db:	NVD	id:	CVE-2000-0417	date:	2000-05-17T04:00:00