Vulnerability Description
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Com21 | Doxport 1100 | 2.1.1.106 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0017.htmlVendor Advisory
- http://securitytracker.com/id?1005524
- http://www.iss.net/security_center/static/10543.phpPatch
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0017.htmlVendor Advisory
- http://securitytracker.com/id?1005524
- http://www.iss.net/security_center/static/10543.phpPatch
FAQ
What is CVE-2002-1968?
CVE-2002-1968 is a vulnerability with a CVSS score of 2.1 (LOW). Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal net...
How severe is CVE-2002-1968?
CVE-2002-1968 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1968?
Check the references section above for vendor advisories and patch information. Affected products include: Com21 Doxport 1100.