Details of VAR-200012-0015

ID

VAR-200012-0015

CVE

CVE-2000-0964

TITLE

HiNet LP5100 IP-phone Network Management Service Buffer Overflow Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

DESCRIPTION

Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. There exists a vulnerability in the http mini-administration service operating on the Siemens HiNet 5100 IP-phone. By sending a long GET request an attacker can cause the unit to exhibit "unpredictable results" (in the case of requests between 100 and 300 bytes) or to crash completely, (500 bytes +) requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, conceivably, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the phone's software, intercepting of calls, or another compromise of the unit's normal functionality. There is a buffer overflow vulnerability in the network management service of HiNet LP5100 IP-phone

Trust: 1.26

sources: NVD: CVE-2000-0964 // BID: 1727 // VULHUB: VHN-2534

AFFECTED PRODUCTS

vendor:

siemens

model:

hinet lp

scope:

version:

5100.0

Trust: 1.9

sources: BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2000-0964
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200012-146
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-2534
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2000-0964
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-2534
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-2534 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0964

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200012-146

EXTERNAL IDS

db:	BID	id:	1727	Trust: 2.0
db:	NVD	id:	CVE-2000-0964	Trust: 1.7
db:	CNNVD	id:	CNNVD-200012-146	Trust: 0.7
db:	BUGTRAQ	id:	20000928 ANOTHER THINGY.	Trust: 0.6
db:	XF	id:	5298	Trust: 0.6
db:	VULHUB	id:	VHN-2534	Trust: 0.1

sources: VULHUB: VHN-2534 // BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

REFERENCES

url:	http://www.securityfocus.com/bid/1727	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2000-09/0336.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/5298	Trust: 1.1
url:	http://xforce.iss.net/static/5298.php	Trust: 0.6
url:	http://www.ic.siemens.com/cda/site/pss/1,1294,208375-1-999,00.html	Trust: 0.3

sources: VULHUB: VHN-2534 // BID: 1727 // CNNVD: CNNVD-200012-146 // NVD: CVE-2000-0964

CREDITS

This vulnerability was reported to bugtraq by Michal Zalewski <lcamtuf@dione.ids.pl> on Thu, 28 Sep 2000.

Trust: 0.3

sources: BID: 1727

SOURCES

db:	VULHUB	id:	VHN-2534
db:	BID	id:	1727
db:	CNNVD	id:	CNNVD-200012-146
db:	NVD	id:	CVE-2000-0964

LAST UPDATE DATE

2024-08-14T15:41:03.266000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-2534	date:	2017-10-10T00:00:00
db:	BID	id:	1727	date:	2000-09-28T00:00:00
db:	CNNVD	id:	CNNVD-200012-146	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2000-0964	date:	2017-10-10T01:29:24.843

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-2534	date:	2000-12-19T00:00:00
db:	BID	id:	1727	date:	2000-09-28T00:00:00
db:	CNNVD	id:	CNNVD-200012-146	date:	2000-12-19T00:00:00
db:	NVD	id:	CVE-2000-0964	date:	2000-12-19T05:00:00