CVE-2002-1431
CVSS7.5
发布时间 :2003-04-11 00:00:00
修订时间 :2008-09-05 16:30:35
NMCOS    

[原文]Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server.


[CNNVD]Belkin F5D5230-4路由器内部Web Traffic Origin Obfuscation漏洞(CNNVD-200304-095)

        Belkin F5D5230-4 4-Port Cable/DSL Gateway路由器1.20.000在从内部主机向外部服务器发送请求时修改路由器外部接口的内部数据包的源IP地址。远程攻击者可以利用正在使用的主机访问web服务器。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1431
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1431
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200304-095
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/4982
(VENDOR_ADVISORY)  BID  4982
http://www.iss.net/security_center/static/9324.php
(VENDOR_ADVISORY)  XF  belkin-incorrect-ip(9324)
http://online.securityfocus.com/archive/1/276256
(VENDOR_ADVISORY)  BUGTRAQ  20020609 Problem with IP reporting - Belkin Cable/DSL router

- 漏洞信息

Belkin F5D5230-4路由器内部Web Traffic Origin Obfuscation漏洞
高危 设计错误
2003-04-11 00:00:00 2005-10-20 00:00:00
远程  
        Belkin F5D5230-4 4-Port Cable/DSL Gateway路由器1.20.000在从内部主机向外部服务器发送请求时修改路由器外部接口的内部数据包的源IP地址。远程攻击者可以利用正在使用的主机访问web服务器。

- 公告与补丁

        Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .

- 漏洞信息

10062
Belkin F5D5230-4 Router Remote Access IP Concealment
Remote / Network Access

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-01-09 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Belkin F5D5230-4 Router Internal Web Traffic Origin Obfuscation Vulnerability
Design Error 4982
Yes No
2002-06-10 12:00:00 2009-07-11 01:56:00
Reported by M Freitas <freitasm@mailcity.com>.

- 受影响的程序版本

Belkin F5D5230-4

- 漏洞讨论

The Belkin F5D5230-4 4-Port Cable/DSL Gateway Router is a hardware router for a home or small office.

When a request for a service that has been remapped to the internal network is made via the WAN interface, and the origin is the internal network, the router reacts unpredictably. The origin address is rewritten as the IP address of the external interface by the device before being passed to the internal network. Upon receiving a request of this nature, the device will rewrite all future requests for services mapped to the WAN network, reporting their origin as that of the WAN interface.

This is known to be an issue for requests for port 80, if port 80 has been remapped to a host within the internal network. This may potentially be exploited to obscure the origin of attacks against a webserver in the internal network.

- 漏洞利用

No exploit is required.

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站