CVE-2005-0112

Sažetak

The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.

Reference

http://secunia.com/advisories/13942
http://securitytracker.com/id?1012958
http://www.idefense.com/application/poi/display?id=188&type=vulnerabilities
http://www.securityfocus.com/bid/12322
https://exchange.xforce.ibmcloud.com/vulnerabilities/18994

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:32

Objavljeno

14-04-2005 - 04:00