Vulnerability Description
The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Santis 50 | 4.2.8.0 |
References
- http://marc.info/?l=bugtraq&m=112230914431638&w=2
- http://secunia.com/advisories/16215
- http://www.osvdb.org/18294
- http://www.securenetwork.it/advisories/ExploitVendor Advisory
- http://www.securityfocus.com/bid/14372
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21552
- http://marc.info/?l=bugtraq&m=112230914431638&w=2
- http://secunia.com/advisories/16215
- http://www.osvdb.org/18294
- http://www.securenetwork.it/advisories/ExploitVendor Advisory
- http://www.securityfocus.com/bid/14372
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21552
FAQ
What is CVE-2005-2424?
CVE-2005-2424 is a vulnerability with a CVSS score of 7.5 (HIGH). The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port ...
How severe is CVE-2005-2424?
CVE-2005-2424 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2424?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Santis 50.