Siemens Santis 50 packet gain access
| santis50-packet-gain-access (21552) |  High Risk |
Description:
Santis 50 Wireless router could allow a remote attacker limited access to the router. A remote attacker could send specially-crafted packets to the management port (TCP port 280), to gain access to the telnet command line interface. A remote attacker could exploit this vulnerability to gain access to the router with limited commands and obtain sensitive information.
Consequences:
Gain Access
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Mon Jul 25 2005 - 08:45:22 CDT : Siemens SANTIS 50 Authentication Vulnerability.
- Santis 50 Web site: Dynalink Modems ADSL Broadband Discontinued Products.
- BID-14372: Siemens Santis 50 Wireless Router Web Interface Denial Of Service Vulnerability
- CVE-2005-2424: The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze.
- OSVDB ID: 18294: Siemens Santis 50 Wireless Router Port 280 DoS Authentication Bypass
- SA16215: Siemens Santis 50 Authentication Bypass Vulnerability
Platforms Affected:
- Siemens Santis 50 4.2.8.0
Reported:
Jul 25, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net