Vulnerabilities > CVE-2011-0887 - Cryptographic Issues vulnerability in SMC Networks Smcd3G-Ccr and Smcd3G-Ccr Firmware
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Exploit-Db
| description | Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities. CVE-2011-0885,CVE-2011-0886,CVE-2011-0887. Remote exploit for hardware platform |
| file | exploits/hardware/remote/16123.txt |
| id | EDB-ID:16123 |
| last seen | 2016-02-01 |
| modified | 2011-02-06 |
| platform | hardware |
| port | |
| published | 2011-02-06 |
| reporter | Trustwave's SpiderLabs |
| source | https://www.exploit-db.com/download/16123/ |
| title | Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities |
| type | remote |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/98180/TWSL2011-002.txt |
| id | PACKETSTORM:98180 |
| last seen | 2016-12-05 |
| published | 2011-02-05 |
| reporter | Trustwave |
| source | https://packetstormsecurity.com/files/98180/Comcast-DOCSIS-3.0-Business-Gateways-XSRF-Session-Management.html |
| title | Comcast DOCSIS 3.0 Business Gateways XSRF / Session Management |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:70676 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-70676 |
| title | Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities |
References
- http://seclists.org/bugtraq/2011/Feb/36
- http://secunia.com/advisories/43199
- http://securityreason.com/securityalert/8068
- http://www.exploit-db.com/exploits/16123/
- http://www.securityfocus.com/archive/1/516205/100/0/threaded
- http://www.securityfocus.com/bid/46215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65186
- https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt