The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tcm_cable_modem | Thomson | 305 (including) | 305 (including) |
| Tcm_cable_modem | Thomson | 315 (including) | 315 (including) |
| Tcw_cable_modem | Thomson | 690 (including) | 690 (including) |
| Tcw_cable_modem | Thomson | 690_st42.03.0a (including) | 690_st42.03.0a (including) |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html
- http://marc.info/?l=bugtraq\u0026m=110888093214678\u0026w=2
- http://marc.info/?l=full-disclosure\u0026m=110880725322192\u0026w=2
- http://secunia.com/advisories/10286
- http://secunia.com/advisories/14353
- http://www.securityfocus.com/archive/1/345414
- http://www.securityfocus.com/bid/9091
- http://www.shellsec.net/leer_advisory.php?id=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13815
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html
- http://marc.info/?l=bugtraq\u0026m=110888093214678\u0026w=2
- http://marc.info/?l=full-disclosure\u0026m=110880725322192\u0026w=2
- http://secunia.com/advisories/10286
- http://secunia.com/advisories/14353
- http://www.securityfocus.com/archive/1/345414
- http://www.securityfocus.com/bid/9091
- http://www.shellsec.net/leer_advisory.php?id=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13815