CVE-2008-6916

Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname...

Authentication flaw

Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname...

CVE-2008-6916

CVE-2008-6916 affects Siemens SpeedStream 5200 with NetPort Software 1.1. The issue is an authentication bypass that can be triggered by an invalid Host header, possibly involving a trailing dot in the hostname. The NVD entry reports a high risk with CVSS v2 base score 10.0 (Network, low access c...

Siemens SpeedStream 5200 Host头绕过认证漏洞

BUGTRAQ ID: 32203 SpeedStream 5200是适用于中小企业的ADSL路由器。 SpeedStream 5200路由器的认证过程没有正确地验证HTTP Host头，远程攻击者可以通过发送恶意的HTTP请求绕过认证下载路由器信息。 Siemens SpeedStream 5200 Siemens ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://subscriber.communications.siemens.com/ http://189.255.255.255./...

speedstream-bypass.txt

SpeedStream 5200 Authentication Bypass - hkm 12/10/2008 Server: NetPort Software 1.1 It is posible to bypass authentication by modifying the Host header. If you use a Host that is not the authentic one it will not require authentication. http://189.255.255.255./ - This would bypass authentication...

SpeedStream 5200 - Authentication Bypass Configuration Download

SpeedStream 5200 Authentication Bypass - hkm 12/10/2008 Server: NetPort Software 1.1 It is posible to bypass authentication by modifying the Host header. If you use a Host that is not the authentic one it will not require authentication. http://189.255.255.255./ - This would bypass authentication...

SpeedStream 5200 - Authentication Bypass Configuration Download

SpeedStream 5200 - Authentication Bypass Configuration Download SpeedStream 5200 Authentication Bypass - hkm 12/10/2008 Server: NetPort Software 1.1 It is posible to bypass authentication by modifying the Host header. If you use a Host that is not the authentic one it will not require...

SpeedStream 5200 Authentication Bypass Config Download Vulnerability

Exploit for hardware platform in category remote exploits ==================================================================== SpeedStream 5200 Authentication Bypass Config Download Vulnerability ==================================================================== SpeedStream 5200 Authentication...