Lucene search

[email protected]CVE-2003-1264

HistoryNov 16, 2005 - 7:37 a.m.

CVE-2003-1264

2005-11-1607:37:00

[email protected]

web.nvd.nist.gov

cve-2003-1264

tftp server

longshine wap

d-link di-614+ 2.0

remote attack

wep secret

admin privileges

authentication.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.

Affected configurations

NVD

Node

d-linkdi-614\+Match2.0

longshine_technologielongshine_wireless_ethernet_access_pointMatchlcs-883r-ac-b

CPENameOperatorVersion
d-link:di-614\+d-link di-614+eq2.0
longshine_technologie:longshine_wireless_ethernet_access_pointlongshine technologie longshine wireless ethernet access pointeqlcs-883r-ac-b

CPE	Name	Operator	Version
d-link:di-614\+	d-link di-614+	eq	2.0
longshine_technologie:longshine_wireless_ethernet_access_point	longshine technologie longshine wireless ethernet access point	eq	lcs-883r-ac-b

References

www.iss.net/security_center/static/10997.php

www.securityfocus.com/archive/1/305344

www.securityfocus.com/archive/1/305391

www.securityfocus.com/bid/6533

www.securitytracker.com/id?1005897

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2003-1264

cvelist1 nvd1