Info

Disclosure

Sep 19, 2004

Discovery

Sep 15, 2004

Dates

Exploit

Sep 15, 2004

Solution

Unknown

Description

Barricade SMC routers contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker spoofs the IP address of a currently logged in administrator and sends a specially crafted URL, which will disclose configuration and password information resulting in a loss of confidentiality.

Classification

Location: Remote/Network Access Required
Attack Type: Hijacking, Information Disclosure
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds: - Set the idle time to 1 minute - Use MAC filtering so that only known MAC address can access your network - Use WEP encryption for the wireless router

Products

SMC Networks, Inc.	Barricade	SMC7004VWBR
		SMC7008ABR

References

Related OSVDB ID: 10089
Secunia Advisory ID: 12601
CVE ID: 2004-1685 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-09/0150.html
Vendor URL: http://www.smc.com

Credit

Jimmy Scott - jimmyinet-solutions.be -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

SMC Networks, Inc.

Barricade

References

Credit