Sign-up

ID

VAR-201910-1479


CVE

CVE-2017-8087


TITLE

AVM Fritz!Box 7490 Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2017-014771

DESCRIPTION

Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors. AVM Fritz!Box 7490 Contains an information disclosure vulnerability.Information may be obtained. Deutsche Telekom CERT Advisory [DTC-A-20170323-001] Summary: Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) Recommendation: Update to the newest Version of FRITZ!OS Details: a) application b) problem c) CVSS d) detailed description e) credits ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ a) FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) b) Memory leakage within the PPPoE/PPP padding c) 4.7 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/RL:U d) Multiple DSL access router (aka Homegateway / CPE) handle PPPoE frame padding incorrectly. This seems to be similar to http://www.securiteam.com/securitynews/5BP01208UO.html. AVM DSL Router Fritz!Box 7490 (tested with FRITZ!OS 6.83 & 6.80) sends portion of memory within PPPoE Discovery protocol PADT frames because arbitrary memory is used in the padding to reach the minimum Ethernet frame length. Further research shows that \x93short\x94 PPP LCP frames are also padded with random memory. e) Christian Kagerhuber

Trust: 1.71

sources: NVD: CVE-2017-8087 // JVNDB: JVNDB-2017-014771 // PACKETSTORM: 153662

AFFECTED PRODUCTS

vendor:avmmodel:fritz\!osscope:eqversion:6.83

Trust: 1.0

vendor:avmmodel:fritz\!osscope:eqversion:6.80

Trust: 1.0

vendor:avmmodel:fritz!boxscope:eqversion:6.80

Trust: 0.8

vendor:avmmodel:fritz!boxscope:eqversion:6.83

Trust: 0.8

sources: JVNDB: JVNDB-2017-014771 // NVD: CVE-2017-8087

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8087
value: LOW

Trust: 1.0

NVD: CVE-2017-8087
value: LOW

Trust: 0.8

CNNVD: CNNVD-201704-1165
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2017-8087
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2017-8087
baseSeverity: LOW
baseScore: 2.4
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 0.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2017-8087
baseSeverity: LOW
baseScore: 2.4
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2017-014771 // CNNVD: CNNVD-201704-1165 // NVD: CVE-2017-8087

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2017-014771 // NVD: CVE-2017-8087

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201704-1165

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014771

PATCH
title:Top Pageurl:https://en.avm.de/
Trust: 0.8
title:AVM Fritz!Box 7490 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100716
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-014771 // 
            
            
            
            CNNVD: CNNVD-201704-1165

EXTERNAL IDS
db:NVDid:CVE-2017-8087
Trust: 2.5
db:JVNDBid:JVNDB-2017-014771
Trust: 0.8
db:CNNVDid:CNNVD-201704-1165
Trust: 0.6
db:PACKETSTORMid:153662
Trust: 0.1
sources:
            
            
            JVNDB: JVNDB-2017-014771 // 
            
            
            
            PACKETSTORM: 153662 // 
            
            
            
            CNNVD: CNNVD-201704-1165 // 
            
            
            
            NVD: CVE-2017-8087

REFERENCES
url:http://seclists.org/fulldisclosure/2019/oct/36
Trust: 2.4
url:http://fritzbox.com
Trust: 1.6
url:http://avm.com
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2017-8087
Trust: 1.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8087
Trust: 0.8
url:http://www.securiteam.com/securitynews/5bp01208uo.html.
Trust: 0.1
sources:
            
            
            JVNDB: JVNDB-2017-014771 // 
            
            
            
            PACKETSTORM: 153662 // 
            
            
            
            CNNVD: CNNVD-201704-1165 // 
            
            
            
            NVD: CVE-2017-8087

CREDITS
Christian Kagerhuber
Trust: 0.1
sources:
            
            
            PACKETSTORM: 153662

SOURCES
db:JVNDBid:JVNDB-2017-014771
db:PACKETSTORMid:153662
db:CNNVDid:CNNVD-201704-1165
db:NVDid:CVE-2017-8087

LAST UPDATE DATE
2024-11-23T21:36:34.170000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2017-014771date:2019-10-30T00:00:00
db:CNNVDid:CNNVD-201704-1165date:2019-10-25T00:00:00
db:NVDid:CVE-2017-8087date:2024-11-21T03:33:18.840

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2017-014771date:2019-10-30T00:00:00
db:PACKETSTORMid:153662date:2019-07-16T19:32:22
db:CNNVDid:CNNVD-201704-1165date:2017-04-25T00:00:00
db:NVDid:CVE-2017-8087date:2019-10-22T16:15:10.283