Details of VAR-200508-0264

ID

VAR-200508-0264

CVE

CVE-2005-2434

TITLE

Linksys WRT54G Wireless Router Default SSL Certificate and Private Key Vulnerability

Trust: 0.9

sources: BID: 14407 // CNNVD: CNNVD-200508-040

DESCRIPTION

Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. This constant certificate/key pair is always used to access the device. This can allow an attacker to obtain the certificate/key pair and carry out various attacks. A complete compromise of the device is possible. Linksys WRT54G is a wireless router device that combines several functions. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Linksys WRT54G Router Common SSL Private Key Disclosure SECUNIA ADVISORY ID: SA16271 VERIFY ADVISORY: http://secunia.com/advisories/16271/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: >From local network OPERATING SYSTEM: Linksys WRT54G Wireless-G Broadband Router http://secunia.com/product/3523/ DESCRIPTION: Nick Simicich has reported a security issue in WRT54G, which potentially can be exploited by malicious people to gain knowledge of certain sensitive information. A user with knowledge with the private key can potentially decrypt router management traffic captured from the network. PROVIDED AND/OR DISCOVERED BY: Nick Simicich ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-2434 // BID: 14407 // VULHUB: VHN-13643 // PACKETSTORM: 38955

AFFECTED PRODUCTS

vendor:	linksys	model:	wrt54g	scope:	eq	version:	*	Trust: 1.0
vendor:	linksys	model:	wrt54g	scope:	-	version:	-	Trust: 0.6
vendor:	linksys	model:	wrt54g beta	scope:	eq	version:	v2.02.02.8	Trust: 0.3
vendor:	linksys	model:	wrt54g	scope:	eq	version:	v2.02.00.8	Trust: 0.3
vendor:	linksys	model:	wpc300n wireless-n notebook adapter	scope:	eq	version:	-4.100.15.5	Trust: 0.3

sources: BID: 14407 // CNNVD: CNNVD-200508-040 // NVD: CVE-2005-2434

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2434
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200508-040
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-13643
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-2434
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13643
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13643 // CNNVD: CNNVD-200508-040 // NVD: CVE-2005-2434

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2434

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200508-040

TYPE

Design Error

Trust: 0.9

sources: BID: 14407 // CNNVD: CNNVD-200508-040

EXTERNAL IDS

db:	BID	id:	14407	Trust: 2.0
db:	SECUNIA	id:	16271	Trust: 1.8
db:	NVD	id:	CVE-2005-2434	Trust: 1.7
db:	SECTRACK	id:	1014596	Trust: 1.7
db:	CNNVD	id:	CNNVD-200508-040	Trust: 0.7
db:	XF	id:	21635	Trust: 0.6
db:	XF	id:	54	Trust: 0.6
db:	BUGTRAQ	id:	20050728 VULNERABILITY IN LINKSYS ROUTER ACCESS	Trust: 0.6
db:	VULHUB	id:	VHN-13643	Trust: 0.1
db:	PACKETSTORM	id:	38955	Trust: 0.1

sources: VULHUB: VHN-13643 // BID: 14407 // PACKETSTORM: 38955 // CNNVD: CNNVD-200508-040 // NVD: CVE-2005-2434

REFERENCES

url:	http://www.securityfocus.com/bid/14407	Trust: 1.7
url:	http://securitytracker.com/id?1014596	Trust: 1.7
url:	http://secunia.com/advisories/16271	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/21635	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=112258422806340&w=2	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/21635	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=112258422806340&w=2	Trust: 0.6
url:	http://www.linksys.com/products/product.asp?prid=508&scid=35	Trust: 0.3
url:	/archive/1/406749	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=112258422806340&w=2	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/3523/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/16271/	Trust: 0.1

sources: VULHUB: VHN-13643 // BID: 14407 // PACKETSTORM: 38955 // CNNVD: CNNVD-200508-040 // NVD: CVE-2005-2434

CREDITS

Nick Simicich njs@scifi.squawk.com

Trust: 0.6

sources: CNNVD: CNNVD-200508-040

SOURCES

db:	VULHUB	id:	VHN-13643
db:	BID	id:	14407
db:	PACKETSTORM	id:	38955
db:	CNNVD	id:	CNNVD-200508-040
db:	NVD	id:	CVE-2005-2434

LAST UPDATE DATE

2024-08-14T12:58:49.694000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13643	date:	2017-07-11T00:00:00
db:	BID	id:	14407	date:	2005-07-28T00:00:00
db:	CNNVD	id:	CNNVD-200508-040	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-2434	date:	2017-07-11T01:32:50.640

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13643	date:	2005-08-03T00:00:00
db:	BID	id:	14407	date:	2005-07-28T00:00:00
db:	PACKETSTORM	id:	38955	date:	2005-08-02T23:53:24
db:	CNNVD	id:	CNNVD-200508-040	date:	2005-07-29T00:00:00
db:	NVD	id:	CVE-2005-2434	date:	2005-08-03T04:00:00