CVE-2013-4708 - The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SE

CVE-2013-4708

Summary

The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows remote attackers to bypass RADIUS authentication by sniffing RADIUS traffic.

References

Vulnerable Configurations

cpe:2.3:o:iij:seil\%2fx1_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx1_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx1_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx1_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x1:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x1:*:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fb1_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fb1_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fb1_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fb1_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/b1:*:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx2_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx2_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx2_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx2_firmware:4.30:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x2:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x2:*:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx86_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx86_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx86_firmware:2.80:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fx86_firmware:2.80:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x86:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/x86:*:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:1.80:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:1.80:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:2.05:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:2.05:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:2.15:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fturbo_firmware:2.15:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/turbo:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/turbo:*:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:1.80:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:1.80:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:2.05:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:2.05:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:2.15:*:*:*:*:*:*:*
cpe:2.3:o:iij:seil\%2fneu_2fe_plus_firmware:2.15:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/neu_2fe_plus:*:*:*:*:*:*:*:*
cpe:2.3:h:iij:seil\/neu_2fe_plus:*:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 07-10-2013 - 14:06)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:N

refmap via4

confirm	http://www.seil.jp/support/security/a01388.html
jvn	JVN#40079308
jvndb	JVNDB-2013-000091
osvdb	97619

Last major update

07-10-2013 - 14:06

Published

01-10-2013 - 17:55

Last modified

07-10-2013 - 14:06