CVE-2004-0580

Description

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

Affected products

linksys / befcmu10
linksys / befn2ps4
linksys / befn2ps41.42.7 – 1.42.7
linksys / befsr111.40.2 – 1.40.2
linksys / befsr111.41 – 1.41
linksys / befsr111.42.3 – 1.42.3
linksys / befsr111.42.7 – 1.42.7
linksys / befsr111.43 – 1.43
linksys / befsr111.43.3 – 1.43.3
linksys / befsr111.44 – 1.44
linksys / befsr411.35 – 1.35
linksys / befsr411.36 – 1.36
linksys / befsr411.37 – 1.37
linksys / befsr411.38.5 – 1.38.5
linksys / befsr411.39 – 1.39
linksys / befsr411.40.2 – 1.40.2
linksys / befsr411.41 – 1.41
linksys / befsr411.42.3 – 1.42.3
linksys / befsr411.42.7 – 1.42.7
linksys / befsr411.43 – 1.43
linksys / befsr411.43.3 – 1.43.3
linksys / befsr411.44 – 1.44
linksys / befsr411.45.7 – 1.45.7
linksys / befsr41w
linksys / befsr81
linksys / befsr812.42.7.1 – 2.42.7.1
linksys / befsr812.44 – 2.44
linksys / befsru311.40.2 – 1.40.2
linksys / befsru311.41 – 1.41
linksys / befsru311.42.3 – 1.42.3
linksys / befsru311.42.7 – 1.42.7
linksys / befsru311.43 – 1.43
linksys / befsru311.43.3 – 1.43.3
linksys / befsru311.44 – 1.44
linksys / befsx411.42.7 – 1.42.7
linksys / befsx411.43 – 1.43
linksys / befsx411.43.3 – 1.43.3
linksys / befsx411.43.4 – 1.43.4
linksys / befsx411.44 – 1.44
linksys / befsx411.44.3 – 1.44.3
linksys / befsx411.45.3 – 1.45.3
linksys / befvp41
linksys / befvp411.39.64 – 1.39.64
linksys / befvp411.40.3f – 1.40.3f
linksys / befvp411.40.4 – 1.40.4
linksys / befvp411.42.7 – 1.42.7
linksys / rv082
linksys / wap55ag1.0.7 – 1.0.7
linksys / WRT54G1.42.3 – 1.42.3
linksys / WRT54G2.00.8 – 2.00.8

Description

Affected products

References