ID
VAR-200304-0101
CVE
CVE-2002-1431
TITLE
Belkin F5D5230-4 Inside the router Web Traffic Origin Obfuscation Vulnerability
Trust: 0.6
DESCRIPTION
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. The Belkin F5D5230-4 4-Port Cable/DSL Gateway Router is a hardware router for a home or small office. When a request for a service that has been remapped to the internal network is made via the WAN interface, and the origin is the internal network, the router reacts unpredictably. The origin address is rewritten as the IP address of the external interface by the device before being passed to the internal network. Upon receiving a request of this nature, the device will rewrite all future requests for services mapped to the WAN network, reporting their origin as that of the WAN interface. This is known to be an issue for requests for port 80, if port 80 has been remapped to a host within the internal network. This may potentially be exploited to obscure the origin of attacks against a webserver in the internal network
Trust: 1.26
AFFECTED PRODUCTS
| vendor: | belkin | model: | f5d5230-4 4-port cable dsl gateway router | scope: | eq | version: | 1.20.000 | Trust: 1.6 |
| vendor: | belkin | model: | f5d5230-4 | scope: | - | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
Design Error
Trust: 0.9
EXTERNAL IDS
| db: | NVD | id: | CVE-2002-1431 | Trust: 2.0 |
| db: | BID | id: | 4982 | Trust: 2.0 |
| db: | CNNVD | id: | CNNVD-200304-095 | Trust: 0.7 |
| db: | XF | id: | 9324 | Trust: 0.6 |
| db: | BUGTRAQ | id: | 20020609 PROBLEM WITH IP REPORTING - BELKIN CABLE/DSL ROUTER | Trust: 0.6 |
| db: | VULHUB | id: | VHN-5816 | Trust: 0.1 |
REFERENCES
| url: | http://www.securityfocus.com/bid/4982 | Trust: 1.7 |
| url: | http://online.securityfocus.com/archive/1/276256 | Trust: 1.7 |
| url: | http://www.iss.net/security_center/static/9324.php | Trust: 1.7 |
| url: | http://catalog.belkin.com/iwcatproductpage.process?merchant_id=§ion_id=2094&pcount=&product_id=113464§ion.section_path=%2froot%2fnetworki%2e%2e%2endcables%2fcabledsl%2e%2e%2eyrouters%2f | Trust: 0.3 |
CREDITS
Reported by M Freitas <freitasm@mailcity.com>.
Trust: 0.9
SOURCES
| db: | VULHUB | id: | VHN-5816 |
| db: | BID | id: | 4982 |
| db: | CNNVD | id: | CNNVD-200304-095 |
| db: | NVD | id: | CVE-2002-1431 |
LAST UPDATE DATE
2024-08-14T14:48:13.541000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-5816 | date: | 2008-09-05T00:00:00 |
| db: | BID | id: | 4982 | date: | 2009-07-11T13:56:00 |
| db: | CNNVD | id: | CNNVD-200304-095 | date: | 2005-10-20T00:00:00 |
| db: | NVD | id: | CVE-2002-1431 | date: | 2008-09-05T20:30:35.030 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-5816 | date: | 2003-04-11T00:00:00 |
| db: | BID | id: | 4982 | date: | 2002-06-10T00:00:00 |
| db: | CNNVD | id: | CNNVD-200304-095 | date: | 2003-04-11T00:00:00 |
| db: | NVD | id: | CVE-2002-1431 | date: | 2003-04-11T04:00:00 |