Details of VAR-200505-0408

ID

VAR-200505-0408

CVE

CVE-2005-0835

TITLE

Belkin 54G Wireless Router Multiple Denial of Service Vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200505-525

DESCRIPTION

The SNMP service in the Belkin 54G (F5D7130) wireless router allows remote attackers to cause a denial of service via unknown vectors. The Belkin 54G (F5D7130) appliance is reported prone to multiple remote vulnerabilities. The following individual issues are reported: It is reported that the Belkin 54G appliance transmits UPNP datagrams to the connected private network at regular intervals. Reports indicate that these datagrams contain a URI, this URI may be accessed by local network users without requiring authentication. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information. It is reported that SNMP support is enabled on the affected appliance under a default configuration. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to disclose sensitive information. Finally, it is reported that the SNMP service may be exploited to deny service for legitimate users. A remote attacker that resides on the local network segment connected to the affected appliance may exploit this vulnerability to deny service for legitimate users

Trust: 1.26

sources: NVD: CVE-2005-0835 // BID: 12846 // VULHUB: VHN-12044

AFFECTED PRODUCTS

vendor:	belkin	model:	54g wireless router	scope:	eq	version:	f5d7130	Trust: 1.6
vendor:	belkin	model:	54g	scope:	-	version:	-	Trust: 0.3

sources: BID: 12846 // CNNVD: CNNVD-200505-525 // NVD: CVE-2005-0835

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0835
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200505-525
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-12044
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0835
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12044
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-12044 // CNNVD: CNNVD-200505-525 // NVD: CVE-2005-0835

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0835

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-525

TYPE

Design Error

Trust: 0.9

sources: BID: 12846 // CNNVD: CNNVD-200505-525

EXTERNAL IDS

db:	NVD	id:	CVE-2005-0835	Trust: 2.0
db:	BID	id:	12846	Trust: 2.0
db:	CNNVD	id:	CNNVD-200505-525	Trust: 0.7
db:	VULHUB	id:	VHN-12044	Trust: 0.1

sources: VULHUB: VHN-12044 // BID: 12846 // CNNVD: CNNVD-200505-525 // NVD: CVE-2005-0835

REFERENCES

url:	http://www.securityfocus.com/bid/12846	Trust: 1.7
url:	http://www.belkin.com/index.asp	Trust: 0.3

sources: VULHUB: VHN-12044 // BID: 12846 // CNNVD: CNNVD-200505-525 // NVD: CVE-2005-0835

CREDITS

Discovery of these vulnerabilities is credited to pureone <pureone36@gmail.com>.

Trust: 0.9

sources: BID: 12846 // CNNVD: CNNVD-200505-525

SOURCES

db:	VULHUB	id:	VHN-12044
db:	BID	id:	12846
db:	CNNVD	id:	CNNVD-200505-525
db:	NVD	id:	CVE-2005-0835

LAST UPDATE DATE

2024-08-14T14:53:46.102000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-12044	date:	2008-09-05T00:00:00
db:	BID	id:	12846	date:	2009-07-12T10:56:00
db:	CNNVD	id:	CNNVD-200505-525	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0835	date:	2008-09-05T20:47:27.723

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-12044	date:	2005-05-02T00:00:00
db:	BID	id:	12846	date:	2005-03-18T00:00:00
db:	CNNVD	id:	CNNVD-200505-525	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-0835	date:	2005-05-02T04:00:00