Details of VAR-200512-0266

ID

VAR-200512-0266

CVE

CVE-2005-4257

TITLE

Various Linksys Router LanD Packet denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200512-315

DESCRIPTION

Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Multiple Linksys devices are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users. Linksys BEFW11S4 and WRT54GS devices are reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected

Trust: 1.26

sources: NVD: CVE-2005-4257 // BID: 15861 // VULHUB: VHN-15465

AFFECTED PRODUCTS

vendor:	linksys	model:	wrt54gs	scope:	eq	version:	4.70.6	Trust: 1.9
vendor:	linksys	model:	wrt54gs	scope:	eq	version:	4.50.6	Trust: 1.9
vendor:	linksys	model:	befw11s4	scope:	eq	version:	1.44	Trust: 1.9
vendor:	linksys	model:	befw11s4	scope:	eq	version:	1.43.3	Trust: 1.9
vendor:	linksys	model:	befw11s4	scope:	eq	version:	1.4.3	Trust: 1.9
vendor:	linksys	model:	befw11s4	scope:	eq	version:	1.4.2.7	Trust: 1.9
vendor:	linksys	model:	befw11s4 v4	scope:	eq	version:	*	Trust: 1.0
vendor:	linksys	model:	befw11s4 v3	scope:	eq	version:	*	Trust: 1.0
vendor:	linksys	model:	befw11s4 v4	scope:	-	version:	-	Trust: 0.6
vendor:	linksys	model:	befw11s4 v3	scope:	-	version:	-	Trust: 0.6
vendor:	linksys	model:	befw11s4	scope:	eq	version:	v4	Trust: 0.3
vendor:	linksys	model:	befw11s4	scope:	eq	version:	v3	Trust: 0.3

sources: BID: 15861 // CNNVD: CNNVD-200512-315 // NVD: CVE-2005-4257

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-4257
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200512-315
value:	HIGH
Trust: 0.6
VULHUB:	VHN-15465
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-4257
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-15465
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-15465 // CNNVD: CNNVD-200512-315 // NVD: CVE-2005-4257

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4257

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-315

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-315

EXTERNAL IDS

db:	BID	id:	15861	Trust: 2.0
db:	NVD	id:	CVE-2005-4257	Trust: 1.7
db:	CNNVD	id:	CNNVD-200512-315	Trust: 0.6
db:	VULHUB	id:	VHN-15465	Trust: 0.1

sources: VULHUB: VHN-15465 // BID: 15861 // CNNVD: CNNVD-200512-315 // NVD: CVE-2005-4257

REFERENCES

url:	http://www.securityfocus.com/bid/15861	Trust: 1.7
url:	http://www.linksys.com/products/group.asp?grid=23	Trust: 0.3
url:	http://www.linksys.com/	Trust: 0.3
url:	http://www.linksys.com/servlet/satellite?childpagename=us%2flayout&packedargs=c%3dl_product_c2%26cid%3d1115416825841%26site%3dus&pagename=linksys%2fcommon%2fvisitorwrapper	Trust: 0.3
url:	/archive/1/419520	Trust: 0.3

sources: VULHUB: VHN-15465 // BID: 15861 // CNNVD: CNNVD-200512-315 // NVD: CVE-2005-4257

CREDITS

Justin M. Wray

Trust: 0.6

sources: CNNVD: CNNVD-200512-315

SOURCES

db:	VULHUB	id:	VHN-15465
db:	BID	id:	15861
db:	CNNVD	id:	CNNVD-200512-315
db:	NVD	id:	CVE-2005-4257

LAST UPDATE DATE

2024-08-14T15:25:38.990000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-15465	date:	2008-09-05T00:00:00
db:	BID	id:	15861	date:	2005-12-14T00:00:00
db:	CNNVD	id:	CNNVD-200512-315	date:	2005-12-15T00:00:00
db:	NVD	id:	CVE-2005-4257	date:	2008-09-05T20:56:25.753

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-15465	date:	2005-12-15T00:00:00
db:	BID	id:	15861	date:	2005-12-14T00:00:00
db:	CNNVD	id:	CNNVD-200512-315	date:	2005-12-15T00:00:00
db:	NVD	id:	CVE-2005-4257	date:	2005-12-15T11:03:00