Vulnerabilities > CVE-2002-0109 - Unspecified vulnerability in Linksys Befn2Ps4, Befsr41 and Befsr81

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
linksys
nessus

Summary

Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.

Vulnerable Configurations

Part Description Count
Hardware
Linksys
3

Nessus

NASL familySNMP
NASL idSNMP_DEFAULT_COMMUNITIES.NASL
descriptionIt is possible to obtain the default community names of the remote SNMP server. An attacker can use this information to gain more knowledge about the remote host or to change the configuration of the remote system (if the default community allows such modifications).
last seen2020-06-01
modified2020-06-02
plugin id10264
published2002-11-25
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/10264
titleSNMP Agent Default Community Names