Sign-up

ID

VAR-200810-0116


CVE

CVE-2008-4594


TITLE

Linksys WAP4400N of SNMPv3 Component vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2008-004953

DESCRIPTION

Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. The Linksys WAP4400N device is a high-speed wireless access point. No detailed vulnerability details are available. The impact of this issue is currently unknown. We will update this BID when more information emerges. NOTE: Since the flaw is in the Marvell 88W8361P-BEM1 chipset driver, other devices and firmware versions using the same code may also be affected. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Linksys WAP4400N Denial of Service and SNMPv3 Vulnerability SECUNIA ADVISORY ID: SA32259 VERIFY ADVISORY: http://secunia.com/advisories/32259/ CRITICAL: Moderately critical IMPACT: Unknown, DoS WHERE: >From remote OPERATING SYSTEM: Linksys WAP4400N http://secunia.com/advisories/product/20144/ DESCRIPTION: Some vulnerabilities have been reported in Linksys WAP4400N, where one has unknown impacts and the other can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error within the processing of association requests can be exploited to reboot or hang-up the device by sending a specially crafted association request. Successful exploitation requires that the access point runs in WEP mode. No more information is currently available. http://www.linksys.com/servlet/Satellite?c=L_Download_C2&childpagename=US%2FLayout&cid=1115417109974&packedargs=sku%3D1152745215776&pagename=Linksys%2FCommon%2FVisitorWrapper PROVIDED AND/OR DISCOVERED BY: 1) Laurent Butti and Julien Tinnes, France Telecom / Orange 2) Reported by the vendor. ORIGINAL ADVISORY: http://www.linksys.com/servlet/Satellite?c=L_Download_C2&childpagename=US%2FLayout&cid=1115417109974&packedargs=sku%3D1152745215776&pagename=Linksys%2FCommon%2FVisitorWrapper ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2008-4594 // JVNDB: JVNDB-2008-004953 // CNVD: CNVD-2012-6230 // BID: 56356 // VULHUB: VHN-34719 // PACKETSTORM: 70926

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-6230

AFFECTED PRODUCTS

vendor:linksysmodel:wap400nscope:eqversion:1.2.14

Trust: 1.6

vendor:linksysmodel:wap4400nscope:eqversion:1.2.14

Trust: 0.9

vendor:cisco linksysmodel:wap400nscope:eqversion:1.2.14

Trust: 0.8

vendor:linksysmodel:wap4400nscope:neversion:1.2.17

Trust: 0.3

sources: CNVD: CNVD-2012-6230 // BID: 56356 // JVNDB: JVNDB-2008-004953 // CNNVD: CNNVD-200810-292 // NVD: CVE-2008-4594

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-4594
value: HIGH

Trust: 1.0

NVD: CVE-2008-4594
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200810-292
value: CRITICAL

Trust: 0.6

VULHUB: VHN-34719
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-4594
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-34719
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-34719 // JVNDB: JVNDB-2008-004953 // CNNVD: CNNVD-200810-292 // NVD: CVE-2008-4594

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2008-4594

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200810-292

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200810-292

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-004953

PATCH
title:Linksysurl:http://home.cisco.com/en-apac/home
Trust: 0.8
title:Linksys WAP4400N SNMPv3 component has an unspecified vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/24534
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2012-6230 // 
            
            
            
            JVNDB: JVNDB-2008-004953

EXTERNAL IDS
db:NVDid:CVE-2008-4594
Trust: 3.4
db:SECUNIAid:32259
Trust: 2.4
db:VUPENid:ADV-2008-2805
Trust: 1.7
db:JVNDBid:JVNDB-2008-004953
Trust: 0.8
db:CNVDid:CNVD-2012-6230
Trust: 0.6
db:XFid:45842
Trust: 0.6
db:XFid:4400
Trust: 0.6
db:CNNVDid:CNNVD-200810-292
Trust: 0.6
db:BIDid:56356
Trust: 0.4
db:VULHUBid:VHN-34719
Trust: 0.1
db:PACKETSTORMid:70926
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2012-6230 // 
            
            
            
            VULHUB: VHN-34719 // 
            
            
            
            BID: 56356 // 
            
            
            
            JVNDB: JVNDB-2008-004953 // 
            
            
            
            PACKETSTORM: 70926 // 
            
            
            
            CNNVD: CNNVD-200810-292 // 
            
            
            
            NVD: CVE-2008-4594

REFERENCES
url:http://secunia.com/advisories/32259
Trust: 1.7
url:http://www.vupen.com/english/advisories/2008/2805
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45842
Trust: 1.1
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4594
Trust: 1.1
url:http://www.linksys.com/servlet/satellite?blobcol=urldata&blobheadername1=content-type&blobheadername2=content-disposition&blobheadervalue1=application%2fmsword&blobheadervalue2=inline%3b+filename
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4594
Trust: 0.8
url:http://secunia.com/advisories/32259http
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/45842
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2008/2805
Trust: 0.6
url:http://www.linksys.com/servlet/satellite?c=l_product_c2&childpagename=us%2flayout&cid=1153780863744&pagename=linksys%2fcommon%2fvisitorwrapper&lid=6374487090b05
Trust: 0.3
url:http://www.linksys.com/servlet/satellite?blobcol=urldata&blobheadername1=content-type&blobheadername2=content-disposition&blobheadervalue1=application%2fmsword&blobheadervalue2=inline%3b+filename
Trust: 0.1
url:http://secunia.com/advisories/product/20144/
Trust: 0.1
url:http://secunia.com/binary_analysis/sample_analysis/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/32259/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://www.linksys.com/servlet/satellite?c=l_download_c2&childpagename=us%2flayout&cid=1115417109974&packedargs=sku%3d1152745215776&pagename=linksys%2fcommon%2fvisitorwrapper
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2012-6230 // 
            
            
            
            VULHUB: VHN-34719 // 
            
            
            
            BID: 56356 // 
            
            
            
            JVNDB: JVNDB-2008-004953 // 
            
            
            
            PACKETSTORM: 70926 // 
            
            
            
            CNNVD: CNNVD-200810-292 // 
            
            
            
            NVD: CVE-2008-4594

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 56356

SOURCES
db:CNVDid:CNVD-2012-6230
db:VULHUBid:VHN-34719
db:BIDid:56356
db:JVNDBid:JVNDB-2008-004953
db:PACKETSTORMid:70926
db:CNNVDid:CNNVD-200810-292
db:NVDid:CVE-2008-4594

LAST UPDATE DATE
2025-04-10T20:10:48.353000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-6230date:2012-11-05T00:00:00
db:VULHUBid:VHN-34719date:2017-08-08T00:00:00
db:BIDid:56356date:2008-10-17T00:00:00
db:JVNDBid:JVNDB-2008-004953date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200810-292date:2008-10-20T00:00:00
db:NVDid:CVE-2008-4594date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CNVDid:CNVD-2012-6230date:2012-11-05T00:00:00
db:VULHUBid:VHN-34719date:2008-10-17T00:00:00
db:BIDid:56356date:2008-10-17T00:00:00
db:JVNDBid:JVNDB-2008-004953date:2012-09-25T00:00:00
db:PACKETSTORMid:70926date:2008-10-15T06:24:30
db:CNNVDid:CNNVD-200810-292date:2008-10-17T00:00:00
db:NVDid:CVE-2008-4594date:2008-10-17T20:33:56.067