Vulnerabilities > CVE-2002-1968 - Local Security vulnerability in Com21 Doxport 1100 2.1.1.106

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

com21

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server.

Vulnerable Configurations

Part	Description	Count
Hardware	Com21 Com21 Doxport 1100 2.1.1.106	1

References

http://archives.neohapsis.com/archives/bugtraq/2002-12/0017.html
http://securitytracker.com/id?1005524
http://www.iss.net/security_center/static/10543.php