Details of VAR-200508-0235

ID

VAR-200508-0235

CVE

CVE-2005-2419

TITLE

ECI Telecom B-FOCuS Router 312+ Unauthorized Access Vulnerability

Trust: 0.9

sources: BID: 14364 // CNNVD: CNNVD-200508-048

DESCRIPTION

B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg. An attacker can disclose the administrator password through the Web interface of the device. This can lead to a complete compromise of the router. B-FOCuS Router 312+ router can provide users with reliable and secure ADSL2+ connection. By default, the management interface of the eci router is available via HTTP, which is protected by a login screen. But an attacker can easily bypass the login screen by visiting the firmwarecfg page in the unprotected cgi-bin directory and download the router's current settings, including plaintext connection and management passwords. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: ECI B-FOCuS Router firmwarecfg Missing Access Control Restrictions SECUNIA ADVISORY ID: SA16205 VERIFY ADVISORY: http://secunia.com/advisories/16205/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: B-FOCuS Router 312+ http://secunia.com/product/5436/ DESCRIPTION: D.is.evil has reported a security issue in B-FOCuS Router 312+, which can exploited by malicious people to bypass certain security restrictions. The problem is caused due to the lack of access controls on the "/cgi-bin/firmwarecfg" page of the router's web management interface. This can reportedly be exploited to retrieve sensitive information such as the current router settings, connection and management passwords, or to cause a DoS by resetting the router constantly. PROVIDED AND/OR DISCOVERED BY: D.is.evil ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-2419 // BID: 14364 // VULHUB: VHN-13628 // PACKETSTORM: 38867

AFFECTED PRODUCTS

vendor:	eci telecom	model:	b-focus router	scope:	eq	version:	312	Trust: 1.6
vendor:	eci	model:	telecom b-focus router	scope:	eq	version:	312+	Trust: 0.3

sources: BID: 14364 // CNNVD: CNNVD-200508-048 // NVD: CVE-2005-2419

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2419
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200508-048
value:	HIGH
Trust: 0.6
VULHUB:	VHN-13628
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-2419
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13628
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13628 // CNNVD: CNNVD-200508-048 // NVD: CVE-2005-2419

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2419

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200508-048

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200508-048

EXTERNAL IDS

db:	BID	id:	14364	Trust: 2.0
db:	SECUNIA	id:	16205	Trust: 1.8
db:	NVD	id:	CVE-2005-2419	Trust: 1.7
db:	CNNVD	id:	CNNVD-200508-048	Trust: 0.7
db:	BUGTRAQ	id:	20050724 ECI ROUTER LOGIN BYPASS	Trust: 0.6
db:	XF	id:	21521	Trust: 0.6
db:	VULHUB	id:	VHN-13628	Trust: 0.1
db:	PACKETSTORM	id:	38867	Trust: 0.1

sources: VULHUB: VHN-13628 // BID: 14364 // PACKETSTORM: 38867 // CNNVD: CNNVD-200508-048 // NVD: CVE-2005-2419

REFERENCES

url:	http://www.securityfocus.com/bid/14364	Trust: 1.7
url:	http://secunia.com/advisories/16205	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/21521	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=112230649106740&w=2	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/21521	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=112230649106740&w=2	Trust: 0.6
url:	http://www.ecitele.com/b-focus/	Trust: 0.3
url:	/archive/1/406372	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=112230649106740&w=2	Trust: 0.1
url:	http://secunia.com/product/5436/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/16205/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-13628 // BID: 14364 // PACKETSTORM: 38867 // CNNVD: CNNVD-200508-048 // NVD: CVE-2005-2419

CREDITS

D.is.evil D.is.evil@gmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200508-048

SOURCES

db:	VULHUB	id:	VHN-13628
db:	BID	id:	14364
db:	PACKETSTORM	id:	38867
db:	CNNVD	id:	CNNVD-200508-048
db:	NVD	id:	CVE-2005-2419

LAST UPDATE DATE

2024-08-14T15:09:47.756000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13628	date:	2017-07-11T00:00:00
db:	BID	id:	14364	date:	2005-07-25T00:00:00
db:	CNNVD	id:	CNNVD-200508-048	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-2419	date:	2017-07-11T01:32:49.923

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13628	date:	2005-08-03T00:00:00
db:	BID	id:	14364	date:	2005-07-25T00:00:00
db:	PACKETSTORM	id:	38867	date:	2005-07-27T16:08:40
db:	CNNVD	id:	CNNVD-200508-048	date:	2005-07-26T00:00:00
db:	NVD	id:	CVE-2005-2419	date:	2005-08-03T04:00:00