Lucene search

[email protected]NVD:CVE-2005-3718

HistoryNov 21, 2005 - 11:03 a.m.

CVE-2005-3718

2005-11-2111:03:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, which does not require authentication.

Affected configurations

Nvd

Node

utstarcomf1000_voip_wifi_phoneMatch2.0

VendorProductVersionCPE
utstarcomf1000_voip_wifi_phone2.0cpe:2.3:h:utstarcom:f1000_voip_wifi_phone:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
utstarcom	f1000_voip_wifi_phone	2.0	cpe:2.3:h:utstarcom:f1000_voip_wifi_phone:2.0:::::::*

References

lists.grok.org.uk/pipermail/full-disclosure/2005-November/038834.html

secunia.com/advisories/17629

www.securityfocus.com/bid/15476

www.vupen.com/english/advisories/2005/2472

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

Related for NVD:CVE-2005-3718

cvelist2 cve2 nvd1