Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2001-1425

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Published

2001-04-10T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	alcatel	speed_touch_home	khdsaa.108	Yes
Hardware	alcatel	speed_touch_home	khdsaa.132	Yes
Hardware	alcatel	speed_touch_home	khdsaa.133	Yes
Hardware	alcatel	speed_touch_home	khdsaa.134	Yes

References

http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html ([email protected])
http://www.cert.org/advisories/CA-2001-08.html US Government Resource ([email protected])
http://www.kb.cert.org/vuls/id/243592 US Government Resource ([email protected])
http://www.securityfocus.com/archive/1/175229 ([email protected])
http://www.securityfocus.com/bid/2568 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/6354 ([email protected])
http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.cert.org/advisories/CA-2001-08.html US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/243592 US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/175229 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/2568 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6354 (af854a3a-2127-422b-91ae-364da2661108)