CVE-2004-0641 - Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generat

CVE-2004-0641

Summary

Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

References

http://secunia.com/advisories/12238/
http://www.auscert.org.au/render.html?it=4299
http://www.idefense.com/application/poi/display?id=120&type=vulnerabilities&flashstatus=true
http://www.securityfocus.com/bid/10881
https://exchange.xforce.ibmcloud.com/vulnerabilities/16919

Vulnerable Configurations

cpe:2.3:h:thomson:speedtouch:510_adsl_router:*:*:*:*:*:*:*
cpe:2.3:h:thomson:speedtouch:510_adsl_router:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

auscert	ESB-2004.0504
bid	10881
idefense	20040805 Thompson SpeedTouch Home ADSL Modem Predictable TCP ISN Generation
secunia	12238
xf	speedtouch-hijack-connection(16919)

Last major update

11-07-2017 - 01:30

Published

05-08-2004 - 04:00

Last modified

11-07-2017 - 01:30