Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service

EDB-ID:

25124


Author:

MurDoK

Type:

dos


Platform:

Hardware

Date:

2005-02-19


source: https://www.securityfocus.com/bid/12595/info

Thomson TCW690 cable modem is reported prone to multiple remote vulnerabilities. These issues may allow an attacker to cause a denial of service condition and/or gain unauthorized access to the device.

The following specific issues were identified:

The device is reported prone to a partial denial of service condition that results from a boundary condition error. Reportedly, a successful attack can cause the device to fail to process requests for a limited period of time. This issue may be related to BID 9091 (Thomson Cable Modem Remote Denial Of Service Vulnerability).

Another vulnerability affecting the modem can allow attackers to gain unauthorized access to the device. It is reported that the device does not properly verify users' authentication credentials when handling an HTTP POST request.

Thomson TCW690 with firmware version ST42.03.0a is reported vulnerable to these issues. It is possible that other versions are affected as well. 

http://www.example.com/AAAA[about 2000 A's]AAA