Sign-up

ID

VAR-200908-0021


CVE

CVE-2008-6916


TITLE

NetPort Software Comes with Siemens SpeedStream 5200 Vulnerabilities that bypass authentication

Trust: 0.8

sources: JVNDB: JVNDB-2009-004315

DESCRIPTION

Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. Siemens SpeedStream 5200 are prone to an authentication-bypass vulnerability that may allow attackers to gain unauthorized administrative access to a router's administration interface. SpeedStream 5200 is an ADSL router suitable for small and medium enterprises. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Siemens SpeedStream 5200 "Host" Header Authentication Bypass SECUNIA ADVISORY ID: SA32635 VERIFY ADVISORY: http://secunia.com/advisories/32635/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: Siemens SpeedStream 5200 http://secunia.com/advisories/product/20486/ DESCRIPTION: hkm has reported a vulnerability in Siemens SpeedStream 5200, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication process when processing HTTP "Host" headers. This can be exploited to bypass authentication and e.g. download the router configuration via an HTTP request containing a wrong "Host" header. SOLUTION: Restrict access to the affected device. PROVIDED AND/OR DISCOVERED BY: hkm ORIGINAL ADVISORY: http://milw0rm.com/exploits/7055 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.25

sources: NVD: CVE-2008-6916 // JVNDB: JVNDB-2009-004315 // BID: 32203 // IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d // VULHUB: VHN-37041 // PACKETSTORM: 71907

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d

AFFECTED PRODUCTS

vendor:john doemodel:netport softwarescope:eqversion:1.1

Trust: 1.8

vendor:siemensmodel:speedstream 5200scope:eqversion: -

Trust: 1.6

vendor:siemensmodel:speedstream 5200scope: - version: -

Trust: 0.8

vendor:siemensmodel:speedstreamscope:eqversion:52000

Trust: 0.3

vendor:speedstream 5200model: - scope:eqversion: -

Trust: 0.2

vendor:netportmodel: - scope:eqversion:1.1

Trust: 0.2

sources: IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d // BID: 32203 // JVNDB: JVNDB-2009-004315 // CNNVD: CNNVD-200908-045 // NVD: CVE-2008-6916

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-6916
value: HIGH

Trust: 1.0

NVD: CVE-2008-6916
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200908-045
value: CRITICAL

Trust: 0.6

IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-37041
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-6916
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-37041
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d // VULHUB: VHN-37041 // JVNDB: JVNDB-2009-004315 // CNNVD: CNNVD-200908-045 // NVD: CVE-2008-6916

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-37041 // JVNDB: JVNDB-2009-004315 // NVD: CVE-2008-6916

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200908-045

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-200908-045

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-004315

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-37041

PATCH
title:NetPort Softwareurl:http://www.denmansoft.com/netport.shtml
Trust: 0.8
title:Siemens SpeedStream 5200url:http://www.siemens.com.tr/web/261,1394,1,1/siemens_tr/microsite__adsl/urunler/speedstream_5200
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-004315

EXTERNAL IDS
db:NVDid:CVE-2008-6916
Trust: 3.0
db:BIDid:32203
Trust: 2.0
db:SECUNIAid:32635
Trust: 1.9
db:EXPLOIT-DBid:7055
Trust: 1.8
db:OSVDBid:49870
Trust: 1.7
db:CNNVDid:CNNVD-200908-045
Trust: 0.8
db:JVNDBid:JVNDB-2009-004315
Trust: 0.8
db:MILW0RMid:7055
Trust: 0.6
db:XFid:5200
Trust: 0.6
db:XFid:46508
Trust: 0.6
db:IVDid:F0BC2B0A-23CB-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-37041
Trust: 0.1
db:PACKETSTORMid:71907
Trust: 0.1
sources:
            
            
            IVD: f0bc2b0a-23cb-11e6-abef-000c29c66e3d // 
            
            
            
            VULHUB: VHN-37041 // 
            
            
            
            BID: 32203 // 
            
            
            
            JVNDB: JVNDB-2009-004315 // 
            
            
            
            PACKETSTORM: 71907 // 
            
            
            
            CNNVD: CNNVD-200908-045 // 
            
            
            
            NVD: CVE-2008-6916

REFERENCES
url:http://www.securityfocus.com/bid/32203
Trust: 1.7
url:http://osvdb.org/49870
Trust: 1.7
url:http://secunia.com/advisories/32635
Trust: 1.7
url:https://www.exploit-db.com/exploits/7055
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/46508
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6916
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-6916
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/46508
Trust: 0.6
url:http://www.milw0rm.com/exploits/7055
Trust: 0.6
url:http://subscriber.communications.siemens.com/
Trust: 0.3
url:http://secunia.com/advisories/product/20486/
Trust: 0.1
url:http://secunia.com/binary_analysis/sample_analysis/
Trust: 0.1
url:http://milw0rm.com/exploits/7055
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/32635/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-37041 // 
            
            
            
            BID: 32203 // 
            
            
            
            JVNDB: JVNDB-2009-004315 // 
            
            
            
            PACKETSTORM: 71907 // 
            
            
            
            CNNVD: CNNVD-200908-045 // 
            
            
            
            NVD: CVE-2008-6916

CREDITS
hkm hkm@hakim.ws
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200908-045

SOURCES
db:IVDid:f0bc2b0a-23cb-11e6-abef-000c29c66e3d
db:VULHUBid:VHN-37041
db:BIDid:32203
db:JVNDBid:JVNDB-2009-004315
db:PACKETSTORMid:71907
db:CNNVDid:CNNVD-200908-045
db:NVDid:CVE-2008-6916

LAST UPDATE DATE
2025-04-10T23:06:25.932000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-37041date:2017-09-29T00:00:00
db:BIDid:32203date:2015-04-16T17:51:00
db:JVNDBid:JVNDB-2009-004315date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200908-045date:2009-08-10T00:00:00
db:NVDid:CVE-2008-6916date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:IVDid:f0bc2b0a-23cb-11e6-abef-000c29c66e3ddate:2008-11-07T00:00:00
db:VULHUBid:VHN-37041date:2009-08-07T00:00:00
db:BIDid:32203date:2008-11-07T00:00:00
db:JVNDBid:JVNDB-2009-004315date:2012-09-25T00:00:00
db:PACKETSTORMid:71907date:2008-11-13T23:51:17
db:CNNVDid:CNNVD-200908-045date:2008-11-07T00:00:00
db:NVDid:CVE-2008-6916date:2009-08-07T19:00:01.017