1. Home
  2. CVE Database
  3. CVE-2004-0580
MEDIUM · 5.0

CVE-2004-0580

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote...

Vulnerability Description

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
LinksysBefcmu10All versions
LinksysBefn2Ps4All versions
LinksysBefsr111.40.2
LinksysBefsr411.35
LinksysBefsr41WAll versions
LinksysBefsr81All versions
LinksysBefsru311.40.2
LinksysBefsx411.42.7
LinksysBefvp41All versions
LinksysRv082All versions
LinksysWap55Ag1.0.7
LinksysWrt54G1.42.3

References

FAQ

What is CVE-2004-0580?

CVE-2004-0580 is a vulnerability with a CVSS score of 5.0 (MEDIUM). DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote...

How severe is CVE-2004-0580?

CVE-2004-0580 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-0580?

Check the references section above for vendor advisories and patch information. Affected products include: Linksys Befcmu10, Linksys Befn2Ps4, Linksys Befsr11, Linksys Befsr41, Linksys Befsr41W.