Vulnerabilities > CVE-2001-1425 - Unspecified vulnerability in Alcatel Speed Touch Home

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

alcatel

NVD

Published: 2001-04-10

Updated: 2017-07-11

Summary

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Vulnerable Configurations

Part	Description	Count
Hardware	Alcatel Alcatel Speed Touch Home Khdsaa.108 Alcatel Speed Touch Home Khdsaa.132 Alcatel Speed Touch Home Khdsaa.133 Alcatel Speed Touch Home Khdsaa.134	4

References

http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
http://www.cert.org/advisories/CA-2001-08.html
http://www.kb.cert.org/vuls/id/243592
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2568
https://exchange.xforce.ibmcloud.com/vulnerabilities/6354