Vulnerability Description
The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alcatel | Speed Touch Home | khdsaa.108 |
References
- http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
- http://www.cert.org/advisories/CA-2001-08.htmlUS Government Resource
- http://www.kb.cert.org/vuls/id/243592US Government Resource
- http://www.securityfocus.com/archive/1/175229
- http://www.securityfocus.com/bid/2568Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6354
- http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
- http://www.cert.org/advisories/CA-2001-08.htmlUS Government Resource
- http://www.kb.cert.org/vuls/id/243592US Government Resource
- http://www.securityfocus.com/archive/1/175229
- http://www.securityfocus.com/bid/2568Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6354
FAQ
What is CVE-2001-1425?
CVE-2001-1425 is a vulnerability with a CVSS score of 7.5 (HIGH). The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly co...
How severe is CVE-2001-1425?
CVE-2001-1425 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1425?
Check the references section above for vendor advisories and patch information. Affected products include: Alcatel Speed Touch Home.