ID
VAR-200410-0149
TITLE
3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability
Trust: 0.3
DESCRIPTION
3Com OfficeConnect ADSL Wireless 11g Firewall Router is affected by an authentication bypass vulnerability; This issue is due to a failure of the device to properly validate an authenticated administrator. An attacker could leverage this issue to gain administrative access to the affective device facilitating disclosure of administrator passwords, WEP encryption keys, configuration manipulation and denial of service. It should be noted that this issue was originally reported in vulnerability report '3Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities' (BID 11422). It has been assigned its own BID as more information has been made available.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | 3com | model: | officeconnect adsl wireless 11g firewall router | scope: | eq | version: | 1.24 | Trust: 0.3 |
| vendor: | 3com | model: | officeconnect adsl wireless 11g firewall router | scope: | eq | version: | 1.23 | Trust: 0.3 |
| vendor: | 3com | model: | officeconnect adsl wireless 11g firewall router | scope: | eq | version: | 1.13 | Trust: 0.3 |
| vendor: | 3com | model: | 3crwe754g72-a wireless connectivity devices | scope: | - | version: | - | Trust: 0.3 |
| vendor: | 3com | model: | officeconnect adsl wireless 11g firewall router | scope: | ne | version: | 1.27 | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Access Validation Error
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 11438 | Trust: 0.3 |
REFERENCES
| url: | http://www.3com.com/products/en_us/result.jsp?selected=6&sort=effdt&sku=3crwe754g72-a&order=desc | Trust: 0.3 |
| url: | http://www.3com.com/products/en_us/detail.jsp?tab=features&pathtype=purchase&sku=3crwe754g72-a | Trust: 0.3 |
CREDITS
Discovery of this issue is credited to Cyrille Barthelemy <cb-lse@ifrance.com>.
Trust: 0.3
SOURCES
| db: | BID | id: | 11438 |
LAST UPDATE DATE
2022-05-17T02:08:43.703000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 11438 | date: | 2004-10-18T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 11438 | date: | 2004-10-18T00:00:00 |