VAR-200012-0015
Vulnerability from variot - Updated: 2023-12-18 13:21Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. There exists a vulnerability in the http mini-administration service operating on the Siemens HiNet 5100 IP-phone. By sending a long GET request an attacker can cause the unit to exhibit "unpredictable results" (in the case of requests between 100 and 300 bytes) or to crash completely, (500 bytes +) requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, conceivably, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the phone's software, intercepting of calls, or another compromise of the unit's normal functionality. There is a buffer overflow vulnerability in the network management service of HiNet LP5100 IP-phone
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200012-0015",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hinet lp",
"scope": "eq",
"trust": 1.9,
"vendor": "siemens",
"version": "5100.0"
}
],
"sources": [
{
"db": "BID",
"id": "1727"
},
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:hinet_lp:5100.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0964"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was reported to bugtraq by Michal Zalewski \u003clcamtuf@dione.ids.pl\u003e on Thu, 28 Sep 2000.",
"sources": [
{
"db": "BID",
"id": "1727"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0964",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-2534",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0964",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200012-146",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-2534",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2534"
},
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. There exists a vulnerability in the http mini-administration service operating on the Siemens HiNet 5100 IP-phone. \nBy sending a long GET request an attacker can cause the unit to exhibit \"unpredictable results\" (in the case of requests between 100 and 300 bytes) or to crash completely, (500 bytes +) requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, conceivably, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the phone\u0027s software, intercepting of calls, or another compromise of the unit\u0027s normal functionality. There is a buffer overflow vulnerability in the network management service of HiNet LP5100 IP-phone",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "BID",
"id": "1727"
},
{
"db": "VULHUB",
"id": "VHN-2534"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1727",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0964",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000928 ANOTHER THINGY.",
"trust": 0.6
},
{
"db": "XF",
"id": "5298",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2534",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2534"
},
{
"db": "BID",
"id": "1727"
},
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"id": "VAR-200012-0015",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2534"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:21:23.951000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0964"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1727"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0336.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5298"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/5298.php"
},
{
"trust": 0.3,
"url": "http://www.ic.siemens.com/cda/site/pss/1,1294,208375-1-999,00.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2534"
},
{
"db": "BID",
"id": "1727"
},
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2534"
},
{
"db": "BID",
"id": "1727"
},
{
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-2534"
},
{
"date": "2000-09-28T00:00:00",
"db": "BID",
"id": "1727"
},
{
"date": "2000-12-19T05:00:00",
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"date": "2000-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2534"
},
{
"date": "2000-09-28T00:00:00",
"db": "BID",
"id": "1727"
},
{
"date": "2017-10-10T01:29:24.843000",
"db": "NVD",
"id": "CVE-2000-0964"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HiNet LP5100 IP-phone Network Management Service Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200012-146"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…