CVE-2008-1267 - The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interf

CVE-2008-1267

Summary

The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelp_English.htm with a large integer in the Content-Length field.

References

http://secunia.com/advisories/29325
http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.securityfocus.com/archive/1/489009/100/0/threaded
http://www.securityfocus.com/bid/28490
https://exchange.xforce.ibmcloud.com/vulnerabilities/41123

Vulnerable Configurations

cpe:2.3:h:siemens:speedstream_6520:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:speedstream_6520:*:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 11-10-2018 - 20:31)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	28490
bugtraq	20080301 The Router Hacking Challenge is Over!
misc	http://www.gnucitizen.org/projects/router-hacking-challenge/
secunia	29325
xf	speedstream-basehelpenglish-dos(41123)

Last major update

11-10-2018 - 20:31

Published

10-03-2008 - 17:44

Last modified

11-10-2018 - 20:31