1. CVE-Search
  2. CVE-2004-0580
ID CVE-2004-0580
Summary DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
References
Vulnerable Configurations
  • cpe:2.3:h:linksys:befcmu10:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befcmu10:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befn2ps4:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befn2ps4:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befn2ps4:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.40.2:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.40.2:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.41:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.41:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.42.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.42.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.43:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.43.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.43.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr11:1.44:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr11:1.44:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.35:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.35:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.36:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.36:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.37:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.37:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.38.5:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.38.5:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.39:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.39:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.40.2:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.40.2:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.41:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.41:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.42.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.42.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.43:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.43.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.43.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.44:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.44:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41:1.45.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41:1.45.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr41w:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr41w:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr81:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr81:2.42.7.1:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsr81:2.44:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsr81:2.44:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.40.2:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.40.2:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.41:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.41:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.42.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.42.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.43:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.43.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.43.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsru31:1.44:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsru31:1.44:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.43:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.43:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.43.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.43.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.43.4:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.43.4:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.44:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.44:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.44.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.44.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befsx41:1.45.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befsx41:1.45.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befvp41:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befvp41:1.39.64:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befvp41:1.39.64:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befvp41:1.40.3f:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befvp41:1.40.3f:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befvp41:1.40.4:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befvp41:1.40.4:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:befvp41:1.42.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:rv082:*:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:rv082:*:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:wap55ag:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:wap55ag:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*
  • cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*
    cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 13-08-2018 - 21:47)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 10329
bugtraq 20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data
confirm http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832&p_%20\created=1086294093&p_sid=pU1X1idh&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*&p_li=
osvdb 6325
sectrack 1010288
secunia 11606
xf linksys-etherfast-bootp-dos(16142)
Last major update 13-08-2018 - 21:47
Published 06-08-2004 - 04:00
Last modified 13-08-2018 - 21:47
Back to Top