Details of VAR-200212-0041

ID

VAR-200212-0041

CVE

CVE-2002-2159

TITLE

LinkSys EtherFast Router Remote Management Activation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2002-2861

DESCRIPTION

Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. Linksys EtherFast routers is a small four-port router designed to optimize the use of DSL or Cable connections. This vulnerability is not present in other versions of firmware. EtherFast BEFSRU31 Router is prone to a remote security vulnerability. A remote attacker gains access

Trust: 1.8

sources: NVD: CVE-2002-2159 // CNVD: CNVD-2002-2861 // BID: 89532 // VULHUB: VHN-6542

AFFECTED PRODUCTS

vendor:	linksys	model:	befsr41	scope:	eq	version:	1.42.7	Trust: 1.6
vendor:	linksys	model:	befsru31	scope:	eq	version:	1.42.7	Trust: 1.6
vendor:	linksys	model:	befsr11	scope:	eq	version:	1.42.7	Trust: 1.6
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	linksys	model:	etherfast befsru31 router	scope:	eq	version:	1.42.7	Trust: 0.3
vendor:	linksys	model:	etherfast befsr41 router	scope:	eq	version:	1.42.7	Trust: 0.3
vendor:	linksys	model:	etherfast befsr11 router	scope:	eq	version:	1.42.7	Trust: 0.3

sources: CNVD: CNVD-2002-2861 // BID: 89532 // CNNVD: CNNVD-200212-842 // NVD: CVE-2002-2159

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-2159
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200212-842
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-6542
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-2159
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-6542
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6542 // CNNVD: CNNVD-200212-842 // NVD: CVE-2002-2159

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-2159

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-842

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200212-842

EXTERNAL IDS

db:	NVD	id:	CVE-2002-2159	Trust: 2.6
db:	BID	id:	4987	Trust: 2.0
db:	CNNVD	id:	CNNVD-200212-842	Trust: 0.7
db:	CNVD	id:	CNVD-2002-2861	Trust: 0.6
db:	XF	id:	9330	Trust: 0.6
db:	BID	id:	89532	Trust: 0.4
db:	VULHUB	id:	VHN-6542	Trust: 0.1

sources: CNVD: CNVD-2002-2861 // VULHUB: VHN-6542 // BID: 89532 // CNNVD: CNNVD-200212-842 // NVD: CVE-2002-2159

REFERENCES

url:	http://www.securityfocus.com/bid/4987	Trust: 2.0
url:	http://www.securiteam.com/securitynews/5op022k7ge.html	Trust: 2.0
url:	http://www.iss.net/security_center/static/9330.php	Trust: 2.0

sources: VULHUB: VHN-6542 // BID: 89532 // CNNVD: CNNVD-200212-842 // NVD: CVE-2002-2159

CREDITS

Unknown

Trust: 0.3

sources: BID: 89532

SOURCES

db:	CNVD	id:	CNVD-2002-2861
db:	VULHUB	id:	VHN-6542
db:	BID	id:	89532
db:	CNNVD	id:	CNNVD-200212-842
db:	NVD	id:	CVE-2002-2159

LAST UPDATE DATE

2024-08-14T14:42:24.217000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2002-2861	date:	2002-06-14T00:00:00
db:	VULHUB	id:	VHN-6542	date:	2017-07-12T00:00:00
db:	BID	id:	89532	date:	2002-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200212-842	date:	2006-02-01T00:00:00
db:	NVD	id:	CVE-2002-2159	date:	2017-07-12T01:29:00.847

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2002-2861	date:	2002-06-11T00:00:00
db:	VULHUB	id:	VHN-6542	date:	2002-12-31T00:00:00
db:	BID	id:	89532	date:	2002-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200212-842	date:	2002-12-31T00:00:00
db:	NVD	id:	CVE-2002-2159	date:	2002-12-31T05:00:00