Sign-up

ID

VAR-200211-0010


CVE

CVE-2002-1236


TITLE

Linksys BEFSR41 EtherFast Cable / DSL Router Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2002-3969

DESCRIPTION

The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. Linksys EtherFast Cable / DSL routers is a small four-port router designed to optimize the use of DSL or Cable connections.  BEFSR41 contains a WEB interface that can be used to manage the configuration, which includes the Gozila.cgi script, but if the Gozila.cgi script is requested without submitting any parameters, it can cause BEFSR41 to crash and stop responding to normal requests. Linksys BEFSR41 is vulnerable to a denial of service condition. The denial of service condition will be triggered when the device receives a request for the script file 'Gozila.cgi' without any parameters

Trust: 1.8

sources: NVD: CVE-2002-1236 // CNVD: CNVD-2002-3969 // BID: 6086 // VULHUB: VHN-5621

AFFECTED PRODUCTS

vendor:linksysmodel:befsr41scope:eqversion:1.42.7

Trust: 1.6

vendor:linksysmodel:befsr41scope:eqversion:1.42.3

Trust: 1.6

vendor:linksysmodel:befsr41scope:eqversion:1.41

Trust: 1.6

vendor:linksysmodel:befsr41scope:eqversion:1.40.2

Trust: 1.6

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:linksysmodel:etherfast befsr41 routerscope:eqversion:1.42.7

Trust: 0.3

vendor:linksysmodel:etherfast befsr41 routerscope:eqversion:1.42.3

Trust: 0.3

vendor:linksysmodel:etherfast befsr41 routerscope:eqversion:1.41

Trust: 0.3

vendor:linksysmodel:etherfast befsr41 routerscope:eqversion:1.40.2

Trust: 0.3

vendor:linksysmodel:etherfast befsr41 routerscope:neversion:1.43

Trust: 0.3

sources: CNVD: CNVD-2002-3969 // BID: 6086 // CNNVD: CNNVD-200211-014 // NVD: CVE-2002-1236

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1236
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200211-014
value: MEDIUM

Trust: 0.6

VULHUB: VHN-5621
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-1236
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-5621
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5621 // CNNVD: CNNVD-200211-014 // NVD: CVE-2002-1236

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1236

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200211-014

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200211-014

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-5621

EXTERNAL IDS
db:NVDid:CVE-2002-1236
Trust: 2.6
db:BIDid:6086
Trust: 2.0
db:CNNVDid:CNNVD-200211-014
Trust: 0.7
db:CNVDid:CNVD-2002-3969
Trust: 0.6
db:VULNWATCHid:20021101 IDEFENSE SECURITY ADVISORY 10.31.02A: DENIAL OF SERVICE VULNERABILITY IN LINKSYS BEFSR41 ETHERFAST CABLE/DSL ROUTER
Trust: 0.6
db:XFid:10514
Trust: 0.6
db:BUGTRAQid:20021101 IDEFENSE SECURITY ADVISORY 10.31.02A: DENIAL OF SERVICE VULNERABILITY IN LINKSYS BEFSR41 ETHERFAST CABLE/DSL ROUTER
Trust: 0.6
db:EXPLOIT-DBid:21975
Trust: 0.1
db:VULHUBid:VHN-5621
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2002-3969 // 
            
            
            
            VULHUB: VHN-5621 // 
            
            
            
            BID: 6086 // 
            
            
            
            CNNVD: CNNVD-200211-014 // 
            
            
            
            NVD: CVE-2002-1236

REFERENCES
url:http://www.securityfocus.com/bid/6086
Trust: 1.7
url:http://www.idefense.com/advisory/10.31.02a.txt
Trust: 1.7
url:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0049.html
Trust: 1.7
url:http://www.iss.net/security_center/static/10514.php
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=103616324103171&w=2
Trust: 1.1
url:http://marc.theaimsgroup.com/?l=bugtraq&m=103616324103171&w=2
Trust: 0.6
url:http://www.linksys.com/products/group.asp?grid=23
Trust: 0.3
url:/archive/1/298188
Trust: 0.3
sources:
            
            
            VULHUB: VHN-5621 // 
            
            
            
            BID: 6086 // 
            
            
            
            CNNVD: CNNVD-200211-014 // 
            
            
            
            NVD: CVE-2002-1236

CREDITS
Jeep 94※ lowjeep94@hotmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200211-014

SOURCES
db:CNVDid:CNVD-2002-3969
db:VULHUBid:VHN-5621
db:BIDid:6086
db:CNNVDid:CNNVD-200211-014
db:NVDid:CVE-2002-1236

LAST UPDATE DATE
2024-08-14T15:25:49.965000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2002-3969date:2002-10-31T00:00:00
db:VULHUBid:VHN-5621date:2016-10-18T00:00:00
db:BIDid:6086date:2009-07-11T18:06:00
db:CNNVDid:CNNVD-200211-014date:2005-05-13T00:00:00
db:NVDid:CVE-2002-1236date:2016-10-18T02:25:06.133

SOURCES RELEASE DATE
db:CNVDid:CNVD-2002-3969date:2002-10-31T00:00:00
db:VULHUBid:VHN-5621date:2002-11-12T00:00:00
db:BIDid:6086date:2002-11-01T00:00:00
db:CNNVDid:CNNVD-200211-014date:2002-10-31T00:00:00
db:NVDid:CVE-2002-1236date:2002-11-12T05:00:00