Search
Find a vulnerability
Search criteria
6 vulnerabilities found for di-614\+ by d-link
CVE-2003-1264 (GCVE-0-2003-1264)
Vulnerability from cvelistv5 – Published: 2005-11-16 07:37 – Updated: 2024-08-08 02:19
VLAI
EPSS
VEX
Summary
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10997.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/305344 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/305391 | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1005897 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/6533 | vdb-entryx_refsource_BID |
Date Public
2003-01-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:46.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "longshine-ap-tftp-access(10997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6533"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-02-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "longshine-ap-tftp-access(10997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6533"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "longshine-ap-tftp-access(10997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6533"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1264",
"datePublished": "2005-11-16T07:37:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:19:46.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0661 (GCVE-0-2004-0661)
Vulnerability from cvelistv5 – Published: 2004-07-13 04:00 – Updated: 2024-08-08 00:24
VLAI
EPSS
VEX
Summary
Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10621 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=108844250013785&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/7294 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/12018 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/367485 | mailing-listx_refsource_BUGTRAQ |
Date Public
2004-06-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10621",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/367485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10621",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/367485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10621",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/367485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0661",
"datePublished": "2004-07-13T04:00:00.000Z",
"dateReserved": "2004-07-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:24:27.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0615 (GCVE-0-2004-0615)
Vulnerability from cvelistv5 – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10587 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/11919 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/7211 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=108786257609932&w=2 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=108797273127182&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1010562 | vdb-entryx_refsource_SECTRACK |
Date Public
2004-06-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10587",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010562"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10587",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010562"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10587",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010562"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0615",
"datePublished": "2004-06-30T04:00:00.000Z",
"dateReserved": "2004-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:24:26.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0615 (GCVE-0-2004-0615)
Vulnerability from nvd – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10587 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/11919 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/7211 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=108786257609932&w=2 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=108797273127182&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1010562 | vdb-entryx_refsource_SECTRACK |
Date Public
2004-06-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10587",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010562"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10587",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010562"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10587",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10587"
},
{
"name": "11919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11919"
},
{
"name": "7211",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7211"
},
{
"name": "20040621 DLINK 614+, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108786257609932\u0026w=2"
},
{
"name": "dlink614-dhcp-xss(16468)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16468"
},
{
"name": "20040621 DLINK 704, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108797273127182\u0026w=2"
},
{
"name": "20040701 DLINK 624, script injection vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-07/0014.html"
},
{
"name": "1010562",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010562"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0615",
"datePublished": "2004-06-30T04:00:00.000Z",
"dateReserved": "2004-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:24:26.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0661 (GCVE-0-2004-0661)
Vulnerability from nvd – Published: 2004-07-13 04:00 – Updated: 2024-08-08 00:24
VLAI
EPSS
VEX
Summary
Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/10621 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=108844250013785&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/7294 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/12018 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/367485 | mailing-listx_refsource_BUGTRAQ |
Date Public
2004-06-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10621",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/367485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10621",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/367485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10621",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10621"
},
{
"name": "20040628 DLINK 614+ - SOHO routers, DHCP service DOS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2"
},
{
"name": "7294",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7294"
},
{
"name": "12018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12018"
},
{
"name": "dlink-dhcp-request-dos(16531)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16531"
},
{
"name": "20040629 Re: DLINK 614+ - SOHO routers, system DOS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/367485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0661",
"datePublished": "2004-07-13T04:00:00.000Z",
"dateReserved": "2004-07-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:24:27.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1264 (GCVE-0-2003-1264)
Vulnerability from nvd – Published: 2005-11-16 07:37 – Updated: 2024-08-08 02:19
VLAI
EPSS
VEX
Summary
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10997.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/305344 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/305391 | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1005897 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/6533 | vdb-entryx_refsource_BID |
Date Public
2003-01-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:46.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "longshine-ap-tftp-access(10997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6533"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-02-12T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "longshine-ap-tftp-access(10997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6533"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "longshine-ap-tftp-access(10997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10997.php"
},
{
"name": "20030106 Longshine WLAN Access-Point LCS-883R VU#310201",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305344"
},
{
"name": "20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305391"
},
{
"name": "1005897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1005897"
},
{
"name": "6533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6533"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1264",
"datePublished": "2005-11-16T07:37:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:19:46.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}