Details of VAR-200509-0095

ID

VAR-200509-0095

CVE

CVE-2005-2914

TITLE

Linksys WRT54G Configuration Information Disclosure Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

DESCRIPTION

ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. WRT54G v1.0 is prone to a remote security vulnerability. Linksys WRT54G is a Cisco wireless router

Trust: 1.26

sources: NVD: CVE-2005-2914 // BID: 89353 // VULHUB: VHN-14123

AFFECTED PRODUCTS

vendor:	linksys	model:	wrt54g	scope:	eq	version:	3.03.6	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	2.04.4	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	3.01.3	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	v3.03.3.6	Trust: 0.3

sources: BID: 89353 // NVD: CVE-2005-2914 // CNNVD: CNNVD-200509-134

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2005-2914
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200509-134
value:	HIGH
Trust: 0.6
VULHUB:	VHN-14123
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
VULHUB:	VHN-14123
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14123 // NVD: CVE-2005-2914 // CNNVD: CNNVD-200509-134

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2914

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

CONFIGURATIONS

sources: NVD: CVE-2005-2914

EXTERNAL IDS

db:	NVD	id:	CVE-2005-2914	Trust: 2.0
db:	CNNVD	id:	CNNVD-200509-134	Trust: 0.7
db:	IDEFENSE	id:	20050913 LINKSYS WRT54G ROUTER REMOTE ADMINISTRATION FIXED ENCRYPTION KEY VULNERABILITY	Trust: 0.6
db:	BID	id:	89353	Trust: 0.3
db:	VULHUB	id:	VHN-14123	Trust: 0.1

sources: VULHUB: VHN-14123 // BID: 89353 // NVD: CVE-2005-2914 // CNNVD: CNNVD-200509-134

REFERENCES

url:	http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities	Trust: 1.9
url:	http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities	Trust: 0.1

sources: VULHUB: VHN-14123 // BID: 89353 // NVD: CVE-2005-2914 // CNNVD: CNNVD-200509-134

CREDITS

Unknown

Trust: 0.3

sources: BID: 89353

SOURCES

db:	VULHUB	id:	VHN-14123
db:	BID	id:	89353
db:	NVD	id:	CVE-2005-2914
db:	CNNVD	id:	CNNVD-200509-134

LAST UPDATE DATE

2023-12-18T13:26:00.634000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14123	date:	2008-09-05T00:00:00
db:	BID	id:	89353	date:	2016-07-06T14:34:00
db:	NVD	id:	CVE-2005-2914	date:	2008-09-05T20:52:58.890
db:	CNNVD	id:	CNNVD-200509-134	date:	2005-10-20T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14123	date:	2005-09-14T00:00:00
db:	BID	id:	89353	date:	2005-09-14T00:00:00
db:	NVD	id:	CVE-2005-2914	date:	2005-09-14T21:03:00
db:	CNNVD	id:	CNNVD-200509-134	date:	2005-09-14T00:00:00