Vulnerabilities > CVE-2005-2424 - Denial Of Service vulnerability in Siemens Santis 50 4.2.8.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

siemens

NVD

Published: 2005-08-03

Updated: 2017-07-11

Summary

The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze.

Vulnerable Configurations

Part	Description	Count
Hardware	Siemens Siemens Santis 50 4.2.8.0	1

References

http://marc.info/?l=bugtraq&m=112230914431638&w=2
http://secunia.com/advisories/16215
http://www.osvdb.org/18294
http://www.securenetwork.it/advisories/
http://www.securityfocus.com/bid/14372
https://exchange.xforce.ibmcloud.com/vulnerabilities/21552