CVE-2005-2916 - CVE Reference - Advisories

CVE Reference: CVE-2005-2916

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2916

Description: Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.

CVE Status: Candidate

References: IDEFENSE http://www.idefense.com/application/poi/display?id=307&type=vulnerabilities http://www.idefense.com/application/poi/display?id=306&type=vulnerabilities

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Blender Multiple Temporary File Security Issues

2.	Kostenloses Linkmanagements cript Multiple Vulnerabilities

3.	Linux Kernel Multiple Vulnerabilities

4.	GForge Insecure Temporary Files

5.	Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution

6.	68 Classifieds "cat" SQL Injection Vulnerability

7.	Debian update for gforge

8.	Model Search "cat" SQL Injection Vulnerability

9.	Symantec Altiris Deployment Solution Multiple Vulnerabilities

10.	Interspire ActiveKB Admin Interface Cookie Security Bypass