CVE: CVE-2001-1425 - CVE-Search

CVE Details for CVE: CVE-2001-1425

Summary

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Timestamps
Last major update	11-07-2017 - 01:29
Published	10-04-2001 - 04:00
Last modified	11-07-2017 - 01:29

References

Vulnerable Configurations

cpe:2.3:h:alcatel:speed_touch_home:khdsaa.108:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.108:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.134:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.134:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.132:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.132:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.133:*:*:*:*:*:*:*
cpe:2.3:h:alcatel:speed_touch_home:khdsaa.133:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

NVD-CWE-Other

CVSS

Base

7.5

Impact

6.4

Exploitability

10.0

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

CVSS3

None

VIA4 references

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	2568
bugtraq	20010410 multiple vulnerabilities in Alcatel Speed Touch DSL modems
cert	CA-2001-08
cert-vn	VU#243592
misc	http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
xf	alcatel-expert-account(6354)