Details of VAR-200505-0407

ID

VAR-200505-0407

CVE

CVE-2005-0834

TITLE

Belkin 54G Wireless Router Multiple Vulnerabilities

Trust: 0.9

sources: BID: 12846 // CNNVD: CNNVD-200505-066

DESCRIPTION

Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information. The Belkin 54G (F5D7130) appliance is reported prone to multiple remote vulnerabilities. The following individual issues are reported: It is reported that the Belkin 54G appliance transmits UPNP datagrams to the connected private network at regular intervals. Reports indicate that these datagrams contain a URI, this URI may be accessed by local network users without requiring authentication. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information. It is reported that SNMP support is enabled on the affected appliance under a default configuration. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information. Finally, it is reported that the SNMP service may be exploited to deny service for legitimate users. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to deny service for legitimate users

Trust: 1.26

sources: NVD: CVE-2005-0834 // BID: 12846 // VULHUB: VHN-12043

AFFECTED PRODUCTS

vendor:	belkin	model:	54g wireless router	scope:	eq	version:	f5d7130	Trust: 0.6
vendor:	belkin	model:	54g	scope:	-	version:	-	Trust: 0.3

sources: BID: 12846 // CNNVD: CNNVD-200505-066

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0834
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200505-066
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-12043
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0834
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12043
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-12043 // CNNVD: CNNVD-200505-066 // NVD: CVE-2005-0834

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0834

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-066

TYPE

Design Error

Trust: 0.9

sources: BID: 12846 // CNNVD: CNNVD-200505-066

EXTERNAL IDS

db:	BID	id:	12846	Trust: 2.0
db:	NVD	id:	CVE-2005-0834	Trust: 2.0
db:	CNNVD	id:	CNNVD-200505-066	Trust: 0.7
db:	VULHUB	id:	VHN-12043	Trust: 0.1

sources: VULHUB: VHN-12043 // BID: 12846 // CNNVD: CNNVD-200505-066 // NVD: CVE-2005-0834

REFERENCES

url:	http://www.securityfocus.com/bid/12846	Trust: 1.7
url:	http://www.belkin.com/index.asp	Trust: 0.3

sources: VULHUB: VHN-12043 // BID: 12846 // CNNVD: CNNVD-200505-066 // NVD: CVE-2005-0834

CREDITS

Discovery of these vulnerabilities is credited to pureone <pureone36@gmail.com>.

Trust: 0.9

sources: BID: 12846 // CNNVD: CNNVD-200505-066

SOURCES

db:	VULHUB	id:	VHN-12043
db:	BID	id:	12846
db:	CNNVD	id:	CNNVD-200505-066
db:	NVD	id:	CVE-2005-0834

LAST UPDATE DATE

2024-08-14T14:53:46.128000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-12043	date:	2008-09-05T00:00:00
db:	BID	id:	12846	date:	2009-07-12T10:56:00
db:	CNNVD	id:	CNNVD-200505-066	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0834	date:	2008-09-05T20:47:27.567

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-12043	date:	2005-05-02T00:00:00
db:	BID	id:	12846	date:	2005-03-18T00:00:00
db:	CNNVD	id:	CNNVD-200505-066	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-0834	date:	2005-05-02T04:00:00