CVE-2002-0109

Current Description

Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.

Basic Data

PublishedMarch 25, 2002
Last ModifiedOctober 18, 2016
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score6.4
SeverityMEDIUM
Exploitability Score10.0
Impact Score4.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareLinksysBefn2ps40.0*******
    2.3HardwareLinksysBefsr410.0*******
    2.3HardwareLinksysBefsr81********

Vulnerable Software List

VendorProductVersions
Linksys Befn2ps4 0.0
Linksys Befsr81 *
Linksys Befsr41 0.0

References

NameSourceURLTags
20020106 Linksys 'routers', SNMP issueshttp://marc.info/?l=bugtraq&m=101039288111680&w=2BUGTRAQ
linksys-etherfast-default-snmp(7827)http://www.iss.net/security_center/static/7827.phpXFVendor Advisory
3795http://www.securityfocus.com/bid/3795BID
3797http://www.securityfocus.com/bid/3797BID