D-Link DCC Protocol Security Bypass

high Nessus Plugin ID 47606

Synopsis

The remote network service is affected by a security bypass vulnerability.

Description

The remote D-link Click 'n Connect Daemon does not implement any authentication and therefore allows remote attackers to view configuration and control server functions via the affected service.

Solution

Unknown at this time.

See Also

http://www.icysilence.org/?p=413

https://www.securityfocus.com/archive/1/512053

Plugin Details

Severity: High

ID: 47606

File Name: dlink_dccd_security_bypass.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 7/6/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.9

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Services/udp/dlink_dccd

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 6/28/2010

Reference Information

BID: 41187