Archivo de Junio de 2006

CVE Reference:  CVE-2006-3344   (Links to External Site)
Updated:  Aug 12 2008
Original Entry Date:  Jun 29 2006
Impact:  User access via network
Exploit Included:  Yes
Version(s): Tested on Model 2624
Description:  A vulnerability was reported in the SpeedStream wireless router. A remote user can access restricted files.

A remote user can access protected files without having to login to the system by using the UPnP support interface.

The vendor was notified on May 2, 2006, without response.

Jaime Blasco discovered this vulnerability.

The original advisory is available at:

http://www.digitalarmaments.com/2006290674551938.html

Impact:  A remote user can access ostensibly protected files on the target device.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.siemens.com/ (Links to External Site)
Cause:  Access control error
Reported By:  info@digitalarmaments.com
Message History:   None.

Leer el resto de esta entrada »