CVE-2005-2799 - Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4

CVE-2005-2799

Summary

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.

References

http://www.idefense.com/application/poi/display?id=305&type=vulnerabilities

Vulnerable Configurations

cpe:2.3:h:linksys:wrt54g:3.01.3:*:*:*:*:*:*:*
cpe:2.3:h:linksys:wrt54g:3.01.3:*:*:*:*:*:*:*
cpe:2.3:h:linksys:wrt54g:3.03.6:*:*:*:*:*:*:*
cpe:2.3:h:linksys:wrt54g:3.03.6:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 05-09-2008 - 20:52)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

idefense

20050913 Linksys WRT54G Router Remote Administration apply.cgi Buffer Overflow Vulnerability

Last major update

05-09-2008 - 20:52

Published

15-09-2005 - 20:03

Last modified

05-09-2008 - 20:52