Sign-up

ID

VAR-200909-0179


CVE

CVE-2009-3322


TITLE

Siemens Gigaset SE361 WLAN Service disruption in routers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-006334

DESCRIPTION

The Siemens Gigaset SE361 WLAN router allows remote attackers to cause a denial of service (device reboot) via a flood of crafted TCP packets to port 1723. Siemens Gigaset SE361 WLAN is prone to a denial-of-service vulnerability. Successful exploits will cause an affected device to crash and reboot, denying service to legitimate users. This issue affects firmware 1.00.2 and prior versions. Gigaset SE361 WLAN is a small wireless router. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Gigaset SE361 WLAN Denial of Service Vulnerability SECUNIA ADVISORY ID: SA36697 VERIFY ADVISORY: http://secunia.com/advisories/36697/ DESCRIPTION: crashbrz has reported a vulnerability in Gigaset SE361 WLAN, which can be exploited by malicious people to cause a DoS (Denial of Service). SOLUTION: Restrict local network access to trusted users only. PROVIDED AND/OR DISCOVERED BY: crashbrz ORIGINAL ADVISORY: http://milw0rm.com/exploits/9646 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.25

sources: NVD: CVE-2009-3322 // JVNDB: JVNDB-2009-006334 // BID: 36366 // IVD: cf99946c-23cb-11e6-abef-000c29c66e3d // VULHUB: VHN-40768 // PACKETSTORM: 81391

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: cf99946c-23cb-11e6-abef-000c29c66e3d

AFFECTED PRODUCTS

vendor:siemensmodel:gigaset se361 wlan routerscope: - version: -

Trust: 1.4

vendor:siemensmodel:gigaset se361 wlan routerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:gigaset se361 wlanscope:eqversion:0

Trust: 0.3

vendor:gigaset se361 wlan routermodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: cf99946c-23cb-11e6-abef-000c29c66e3d // BID: 36366 // JVNDB: JVNDB-2009-006334 // CNNVD: CNNVD-200909-431 // NVD: CVE-2009-3322

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-3322
value: HIGH

Trust: 1.0

NVD: CVE-2009-3322
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200909-431
value: HIGH

Trust: 0.6

IVD: cf99946c-23cb-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-40768
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-3322
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: cf99946c-23cb-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-40768
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: cf99946c-23cb-11e6-abef-000c29c66e3d // VULHUB: VHN-40768 // JVNDB: JVNDB-2009-006334 // CNNVD: CNNVD-200909-431 // NVD: CVE-2009-3322

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-3322

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200909-431

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200909-431

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-006334

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-40768

PATCH
title:Top Pageurl:http://gigaset.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-006334

EXTERNAL IDS
db:NVDid:CVE-2009-3322
Trust: 2.7
db:BIDid:36366
Trust: 2.0
db:SECUNIAid:36697
Trust: 1.9
db:EXPLOIT-DBid:9646
Trust: 1.8
db:OSVDBid:58199
Trust: 1.7
db:CNNVDid:CNNVD-200909-431
Trust: 0.9
db:JVNDBid:JVNDB-2009-006334
Trust: 0.8
db:MILW0RMid:9646
Trust: 0.6
db:BUGTRAQid:20090911 SIEMENS GIGASET SE361 WLAN - REMOTE REBOOT
Trust: 0.6
db:IVDid:CF99946C-23CB-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-40768
Trust: 0.1
db:PACKETSTORMid:81391
Trust: 0.1
sources:
            
            
            IVD: cf99946c-23cb-11e6-abef-000c29c66e3d // 
            
            
            
            VULHUB: VHN-40768 // 
            
            
            
            BID: 36366 // 
            
            
            
            JVNDB: JVNDB-2009-006334 // 
            
            
            
            PACKETSTORM: 81391 // 
            
            
            
            CNNVD: CNNVD-200909-431 // 
            
            
            
            NVD: CVE-2009-3322

REFERENCES
url:http://www.securityfocus.com/bid/36366
Trust: 1.7
url:http://www.osvdb.org/58199
Trust: 1.7
url:http://secunia.com/advisories/36697
Trust: 1.7
url:http://www.securityfocus.com/archive/1/506414/100/0/threaded
Trust: 1.1
url:http://www.exploit-db.com/exploits/9646
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3322
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3322
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/506414/100/0/threaded
Trust: 0.6
url:http://www.milw0rm.com/exploits/9646
Trust: 0.6
url:http://gigaset.com/shc/0,1935,hq_en_0_138885_rarnrnrnrn,00.html
Trust: 0.3
url:/archive/1/506414
Trust: 0.3
url:http://secunia.com/advisories/36697/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://milw0rm.com/exploits/9646
Trust: 0.1
url:http://secunia.com/advisories/business_solutions/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-40768 // 
            
            
            
            BID: 36366 // 
            
            
            
            JVNDB: JVNDB-2009-006334 // 
            
            
            
            PACKETSTORM: 81391 // 
            
            
            
            CNNVD: CNNVD-200909-431 // 
            
            
            
            NVD: CVE-2009-3322

CREDITS
crashbrz  crashbrz@gmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200909-431

SOURCES
db:IVDid:cf99946c-23cb-11e6-abef-000c29c66e3d
db:VULHUBid:VHN-40768
db:BIDid:36366
db:JVNDBid:JVNDB-2009-006334
db:PACKETSTORMid:81391
db:CNNVDid:CNNVD-200909-431
db:NVDid:CVE-2009-3322

LAST UPDATE DATE
2025-04-10T23:09:14.530000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-40768date:2018-10-10T00:00:00
db:BIDid:36366date:2009-09-15T18:01:00
db:JVNDBid:JVNDB-2009-006334date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-200909-431date:2009-09-23T00:00:00
db:NVDid:CVE-2009-3322date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:IVDid:cf99946c-23cb-11e6-abef-000c29c66e3ddate:2009-09-23T00:00:00
db:VULHUBid:VHN-40768date:2009-09-23T00:00:00
db:BIDid:36366date:2009-09-11T00:00:00
db:JVNDBid:JVNDB-2009-006334date:2012-12-20T00:00:00
db:PACKETSTORMid:81391date:2009-09-18T14:22:18
db:CNNVDid:CNNVD-200909-431date:2009-09-23T00:00:00
db:NVDid:CVE-2009-3322date:2009-09-23T12:08:35.453