ID

VAR-200101-0009


CVE

CVE-2000-1179


TITLE

Netopia ISDN Router 650-ST Login interface connection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

DESCRIPTION

Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. A vulnerability exists in the Netopia 650-ST ISDN router, firmware version 3.3.2. A user connected to the unit's telnet interface can cause the device's system logs to be displayed with a simple keystroke entered by the user at the login screen. [CTRL]-E - displays the device event log [CTRL]-F - displays the WAN event log. Access to this information by a malicious remote user can lead to a compromise of sensitive information including usernames and passwords

Trust: 1.26

sources: NVD: CVE-2000-1179 // BID: 1952 // VULHUB: VHN-2747

AFFECTED PRODUCTS

vendor:netopiamodel:650-st isdn routerscope:eqversion:3.3.2_firmware

Trust: 1.6

vendor:netopiamodel:650-st isdn routerscope:eqversion:3.3.2

Trust: 0.3

sources: BID: 1952 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-1179
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200101-108
value: MEDIUM

Trust: 0.6

VULHUB: VHN-2747
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2000-1179
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-2747
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-2747 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-1179

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200101-108

EXTERNAL IDS

db:BIDid:1952

Trust: 2.0

db:NVDid:CVE-2000-1179

Trust: 1.7

db:CNNVDid:CNNVD-200101-108

Trust: 0.7

db:BUGTRAQid:20001115 NETOPIA ISDN ROUTER 650-ST: VIEWING OF ALL SYSTEM LOGS WITHOUT LOGIN

Trust: 0.6

db:XFid:5536

Trust: 0.6

db:VULHUBid:VHN-2747

Trust: 0.1

sources: VULHUB: VHN-2747 // BID: 1952 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

REFERENCES

url:http://www.securityfocus.com/bid/1952

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=97440068130051&w=2

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/5536

Trust: 1.1

url:http://marc.theaimsgroup.com/?l=bugtraq&m=97440068130051&w=2

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/5536

Trust: 0.6

sources: VULHUB: VHN-2747 // CNNVD: CNNVD-200101-108 // NVD: CVE-2000-1179

CREDITS

Reported to bugtraq by The Proton <proton@dshs.nsw.edu.au> on Thu, 16 Nov 2000.

Trust: 0.3

sources: BID: 1952

SOURCES

db:VULHUBid:VHN-2747
db:BIDid:1952
db:CNNVDid:CNNVD-200101-108
db:NVDid:CVE-2000-1179

LAST UPDATE DATE

2024-08-14T15:45:52.841000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-2747date:2017-10-10T00:00:00
db:BIDid:1952date:2000-11-16T00:00:00
db:CNNVDid:CNNVD-200101-108date:2005-05-02T00:00:00
db:NVDid:CVE-2000-1179date:2017-10-10T01:29:31.420

SOURCES RELEASE DATE

db:VULHUBid:VHN-2747date:2001-01-09T00:00:00
db:BIDid:1952date:2000-11-16T00:00:00
db:CNNVDid:CNNVD-200101-108date:2001-01-09T00:00:00
db:NVDid:CVE-2000-1179date:2001-01-09T05:00:00