ID

VAR-200012-0015


CVE

CVE-2000-0964


TITLE

HiNet LP5100 IP-phone Network Management Service Buffer Overflow Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

DESCRIPTION

Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. There exists a vulnerability in the http mini-administration service operating on the Siemens HiNet 5100 IP-phone. By sending a long GET request an attacker can cause the unit to exhibit "unpredictable results" (in the case of requests between 100 and 300 bytes) or to crash completely, (500 bytes +) requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, conceivably, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the phone's software, intercepting of calls, or another compromise of the unit's normal functionality. There is a buffer overflow vulnerability in the network management service of HiNet LP5100 IP-phone

Trust: 1.26

sources: NVD: CVE-2000-0964 // BID: 1727 // VULHUB: VHN-2534

AFFECTED PRODUCTS

vendor:siemensmodel:hinet lpscope:eqversion:5100.0

Trust: 1.9

sources: BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0964
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200012-146
value: CRITICAL

Trust: 0.6

VULHUB: VHN-2534
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2000-0964
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-2534
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-2534 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0964

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

EXTERNAL IDS

db:BIDid:1727

Trust: 2.0

db:NVDid:CVE-2000-0964

Trust: 1.7

db:CNNVDid:CNNVD-200012-146

Trust: 0.7

db:BUGTRAQid:20000928 ANOTHER THINGY.

Trust: 0.6

db:XFid:5298

Trust: 0.6

db:VULHUBid:VHN-2534

Trust: 0.1

sources: VULHUB: VHN-2534 // BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

REFERENCES

url:http://www.securityfocus.com/bid/1727

Trust: 1.7

url:http://archives.neohapsis.com/archives/bugtraq/2000-09/0336.html

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/5298

Trust: 1.1

url:http://xforce.iss.net/static/5298.php

Trust: 0.6

url:http://www.ic.siemens.com/cda/site/pss/1,1294,208375-1-999,00.html

Trust: 0.3

sources: VULHUB: VHN-2534 // BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

CREDITS

This vulnerability was reported to bugtraq by Michal Zalewski <lcamtuf@dione.ids.pl> on Thu, 28 Sep 2000.

Trust: 0.3

sources: BID: 1727

SOURCES

db:VULHUBid:VHN-2534
db:BIDid:1727
db:CNNVDid:CNNVD-200012-146
db:NVDid:CVE-2000-0964

LAST UPDATE DATE

2024-08-14T15:41:03.266000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-2534date:2017-10-10T00:00:00
db:BIDid:1727date:2000-09-28T00:00:00
db:CNNVDid:CNNVD-200012-146date:2005-05-02T00:00:00
db:NVDid:CVE-2000-0964date:2017-10-10T01:29:24.843

SOURCES RELEASE DATE

db:VULHUBid:VHN-2534date:2000-12-19T00:00:00
db:BIDid:1727date:2000-09-28T00:00:00
db:CNNVDid:CNNVD-200012-146date:2000-12-19T00:00:00
db:NVDid:CVE-2000-0964date:2000-12-19T05:00:00