CVE Vulnerabilities

CVE-2001-1425

Published: Apr 10, 2001 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Affected Software

Name Vendor Start Version End Version
Speed_touch_home Alcatel khdsaa.108 khdsaa.108
Speed_touch_home Alcatel khdsaa.132 khdsaa.132
Speed_touch_home Alcatel khdsaa.133 khdsaa.133
Speed_touch_home Alcatel khdsaa.134 khdsaa.134

References