Linksys Multiple Vulnerabilities (OF, DoS, more)

Copyright (C) 2005-2013 Josh Zlatin-Amishav


Synopsis :

The remote router is affected by multiple flaws.

Description :

The remote host appears to be a Linksys WRT54G Wireless Router.

The firmware version installed on the remote host is prone to several
flaws:

- Execute arbitrary commands on the affected router with
root privilages. (CVE-2005-2916)

- Download and replace the configuration of affected
routers via a special POST request to the 'restore.cgi'
or 'upgrade.cgi' scripts. (CVE-2005-2799)

- Allow remote attackers to obtain encrypted configuration
information and, if the key is known, modify the
configuration. (CVE-2005-2914, CVE-2005-2915)

- Degrade the performance of affected devices and cause
the web server to become unresponsive, potentially
denying service to legitimate users. (CVE-2005-2912)

See also :

http://www.nessus.org/u?634ea312
http://www.nessus.org/u?551a93ee
http://www.nessus.org/u?50729602
http://www.nessus.org/u?469a3365
http://www.nessus.org/u?50f0e7ad

Solution :

Upgrade to firmware version 4.20.7 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 10.0
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 20096 (linksys_multiple_vulns.nasl)

Bugtraq ID: 14822

CVE ID: CVE-2005-2799
CVE-2005-2912
CVE-2005-2914
CVE-2005-2915
CVE-2005-2916