Details of VAR-200101-0009

ID

VAR-200101-0009

CVE

CVE-2000-1179

TITLE

Netopia ISDN Router 650-ST Login interface connection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

DESCRIPTION

Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. A vulnerability exists in the Netopia 650-ST ISDN router, firmware version 3.3.2. A user connected to the unit's telnet interface can cause the device's system logs to be displayed with a simple keystroke entered by the user at the login screen. [CTRL]-E - displays the device event log [CTRL]-F - displays the WAN event log. Access to this information by a malicious remote user can lead to a compromise of sensitive information including usernames and passwords

Trust: 1.26

sources: NVD: CVE-2000-1179 // BID: 1952 // VULHUB: VHN-2747

AFFECTED PRODUCTS

vendor:	netopia	model:	650-st isdn router	scope:	eq	version:	3.3.2_firmware	Trust: 1.6
vendor:	netopia	model:	650-st isdn router	scope:	eq	version:	3.3.2	Trust: 0.3

sources: BID: 1952 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2000-1179
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200101-108
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-2747
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2000-1179
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-2747
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-2747 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-1179

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

EXTERNAL IDS

db:	BID	id:	1952	Trust: 2.0
db:	NVD	id:	CVE-2000-1179	Trust: 1.7
db:	CNNVD	id:	CNNVD-200101-108	Trust: 0.7
db:	BUGTRAQ	id:	20001115 NETOPIA ISDN ROUTER 650-ST: VIEWING OF ALL SYSTEM LOGS WITHOUT LOGIN	Trust: 0.6
db:	XF	id:	5536	Trust: 0.6
db:	VULHUB	id:	VHN-2747	Trust: 0.1

sources: VULHUB: VHN-2747 // BID: 1952 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

REFERENCES

url:	http://www.securityfocus.com/bid/1952	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=97440068130051&w=2	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/5536	Trust: 1.1
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=97440068130051&w=2	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/5536	Trust: 0.6

sources: VULHUB: VHN-2747 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

CREDITS

Reported to bugtraq by The Proton <proton@dshs.nsw.edu.au> on Thu, 16 Nov 2000.

Trust: 0.3

sources: BID: 1952

SOURCES

db:	VULHUB	id:	VHN-2747
db:	BID	id:	1952
db:	CNNVD	id:	CNNVD-200101-108
db:	NVD	id:	CVE-2000-1179

LAST UPDATE DATE

2024-08-14T15:45:52.841000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-2747	date:	2017-10-10T00:00:00
db:	BID	id:	1952	date:	2000-11-16T00:00:00
db:	CNNVD	id:	CNNVD-200101-108	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2000-1179	date:	2017-10-10T01:29:31.420

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-2747	date:	2001-01-09T00:00:00
db:	BID	id:	1952	date:	2000-11-16T00:00:00
db:	CNNVD	id:	CNNVD-200101-108	date:	2001-01-09T00:00:00
db:	NVD	id:	CVE-2000-1179	date:	2001-01-09T05:00:00