CVE-2005-4220

Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/15816
http://secunia.com/advisories/11698/	Vendor Advisory
http://www.securityfocus.com/archive/1/419485/100/0/threaded
http://www.securityfocus.com/archive/1/419244/100/0/threaded
http://www.securityfocus.com/archive/1/419243/100/0/threaded

Configurations

Configuration 1 (hide)

cpe:2.3:h:netgear:rp114:3.26:*:*:*:*:*:*:*

Information

Published : 2005-12-14 03:03

Updated : 2018-10-19 08:40

NVD link : CVE-2005-4220

Mitre link : CVE-2005-4220

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

netgear

rp114

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/15816", "name": "15816", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/11698/", "name": "11698", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/archive/1/419485/100/0/threaded", "name": "20051213 Re: [scip_Advisory] NetGear RP114 Flooding Denial of Service", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/419244/100/0/threaded", "name": "20051212 Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/419243/100/0/threaded", "name": "20051212 [scip_Advisory] NetGear RP114 Flooding Denial of Service", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-4220", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-12-14T11:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netgear:rp114:3.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:40Z"}

7.8 /10