CVE-2001-1424
CVSS7.5
发布时间 :2001-04-10 00:00:00
修订时间 :2008-09-05 16:26:31
NMCOS    

[原文]Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access.


[CNNVD]Alcatel Speed Touch ADSL调制解调器运行固件漏洞(CNNVD-200104-003)

        Alcatel Speed Touch ADSL调制解调器运行固件KHDSAA.108, KHDSAA.132, KHDSBA.133, 和KHDSAA.134有空白的默认密码,远程攻击者可以获取未授权的访问。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/h:alcatel:speed_touch_home:khdsaa.133Alcatel Speed Touch Home KHDSAA,133
cpe:/h:alcatel:speed_touch_home:khdsaa.132Alcatel Speed Touch Home KHDSAA,132
cpe:/h:alcatel:speed_touch_home:khdsaa.108Alcatel Speed Touch Home KHDSAA,108
cpe:/h:alcatel:speed_touch_home:khdsaa.134Alcatel Speed Touch Home KHDSAA,134

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1424
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1424
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200104-003
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/212088
(UNKNOWN)  CERT-VN  VU#212088
http://www.cert.org/advisories/CA-2001-08.html
(UNKNOWN)  CERT  CA-2001-08
http://xforce.iss.net/xforce/xfdb/6335
(PATCH)  XF  alcatel-blank-password(6335)
http://www.securityfocus.com/bid/2568
(UNKNOWN)  BID  2568
http://www.securityfocus.com/archive/1/175229
(UNKNOWN)  BUGTRAQ  20010410 multiple vulnerabilities in Alcatel Speed Touch DSL modems
http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
(UNKNOWN)  MISC  http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html

- 漏洞信息

Alcatel Speed Touch ADSL调制解调器运行固件漏洞
高危 设计错误
2001-04-10 00:00:00 2005-10-20 00:00:00
远程  
        Alcatel Speed Touch ADSL调制解调器运行固件KHDSAA.108, KHDSAA.132, KHDSBA.133, 和KHDSAA.134有空白的默认密码,远程攻击者可以获取未授权的访问。

- 公告与补丁

        Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .

- 漏洞信息

429
Alcatel Speed Touch ADSL Modem Default Blank Password
Remote / Network Access Authentication Management
Loss of Confidentiality, Loss of Integrity, Loss of Availability
Exploit Public

- 漏洞描述

Unknown or Incomplete

- 时间线

2001-04-11 2001-04-10
2001-04-11 Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Alcatel Speed Touch ADSL Insecure Administration Interface Vulnerability
Design Error 2568
Yes No
2001-04-10 12:00:00 2009-07-11 06:06:00
Discovered by Tsutomu Shimomura. Reported to bugtraq by Tom Perrine <tep@SDSC.EDU> on 10 Apr 2001

- 受影响的程序版本

Alcatel Speed Touch Home KHDSAA.134
Alcatel Speed Touch Home KHDSAA.133
Alcatel Speed Touch Home KHDSAA.132
Alcatel Speed Touch Home KHDSAA.108

- 漏洞讨论

In the factory shipped state, no password is set for the device's administration interface. This could permit a user to reconfigure the unit, or set the password and prevent the device from being reconfigured.

Once a password has been set, the device remains vulnerable to attack in two ways.

- TFTP: The device's TFTP service can be used to overwrite configuration files. This approach may allow an attacker to set or modify the administration password even if it has been previously set.

- Cryptographic attack: by connecting to the "EXPERT" account, a challenge-response sequence is initiated which
is reportedly vulnerable to cryptographic attack. Details of the challenge-response algorithm were not made publicly available.

The device's configuration settings are accessible through FTP, HTTP and Telnet interfaces. In addition, the device's file structure is exposed through FTP. All of these services allow the modification of configuration information.

By default, no password is set for any of these services, so no authentication is required for access.

*** NOTE: Shortly after this advisory was published, the vendor, Alcatel, posted their response to the reported vulnerabilities in their modems.

In addition to providing general mitigating strategies designed to lessen the impact of these isses (such as firewall software and/or a dedicated firewall device or the Alcatel Speed Touch modem with Firewall capabilities), the vendor response indicates that only the Speed Touch Pro is vulnerable to remote changes to firmware code and configuration settings, and that this model can be made secure from such interference by the activation of an inbuilt security feature disabling remote access from the WAN/DSL interface. Therefore, while the discoverer's initial advisory states that the entire family of devices may be vulnerable, the vendor limits the scope of this vulnerability to a single, misconfigured model of the Speed Touch line.

This discussion will be updated regularly as further details and clarification emerge.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站