CVE-2004-1685
CVSS7.5
发布时间 :2004-09-15 00:00:00
修订时间 :2016-10-17 22:59:06
NMCO    

[原文]SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages.


[CNNVD]SMC7004VWBR和SMC7008ABR验证绕过漏洞(CNNVD-200409-033)

        
        SMC7004VWBR和SMC7008ABR是宽带路由器系列。
        SMC7004VWBR和SMC7008ABR不正确处理验证会话,远程攻击者可以利用这个漏洞未授权访问管理接口。
        Jimmy Scott报告SMC宽带路由器存在验证绕过漏洞,SMC会话处理实现基于IP地址,如果伪造管理员的IP地址,就无需验证访问管理接口。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/h:smc_networks:smc7004vwbr:1.22
cpe:/h:smc_networks:smc7004vwbr:1.23
cpe:/h:smc_networks:smc7004vwbr:1.21a
cpe:/h:smc_networks:smc7008abr:1.32

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1685
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1685
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200409-033
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=109526094614160&w=2
(UNKNOWN)  BUGTRAQ  20040915 SMC7004VWBR / SMC7008ABR "spoofing" vulnerability.
http://www.securityfocus.com/bid/11197
(VENDOR_ADVISORY)  BID  11197
http://xforce.iss.net/xforce/xfdb/17443
(VENDOR_ADVISORY)  XF  smc-router-security-bypass(17443)

- 漏洞信息

SMC7004VWBR和SMC7008ABR验证绕过漏洞
高危 访问验证错误
2004-09-15 00:00:00 2005-10-20 00:00:00
远程  
        
        SMC7004VWBR和SMC7008ABR是宽带路由器系列。
        SMC7004VWBR和SMC7008ABR不正确处理验证会话,远程攻击者可以利用这个漏洞未授权访问管理接口。
        Jimmy Scott报告SMC宽带路由器存在验证绕过漏洞,SMC会话处理实现基于IP地址,如果伪造管理员的IP地址,就无需验证访问管理接口。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 关闭基于WEB的管理接口。
        厂商补丁:
        SMC
        ---
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.smc.com/

- 漏洞信息

10088
Barricade SMC700* Admin IP Address Restriction Bypass
Remote / Network Access Information Disclosure
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

Barricade SMC routers contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker spoofs the IP address of a currently logged in administrator and sends a specially crafted URL, which will disclose configuration and password information resulting in a loss of confidentiality.

- 时间线

2004-09-19 2004-09-15
2004-09-15 Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds: - Set the idle time to 1 minute - Use MAC filtering so that only known MAC address can access your network - Use WEP encryption for the wireless router

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站