First published: Fri Mar 15 2002(Updated: )
Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linksys BEFSR41 | =0.0 | |
Linksys BEFN2PS4 | =0.0 | |
Linksys BEFSR81 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2002-0109 is considered high due to the potential for remote exploitation leading to significant information disclosure and denial of service.
To fix CVE-2002-0109, change the default SNMP community string from 'public' to a more secure value and disable SNMP if it is not needed.
CVE-2002-0109 affects Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 routers, among possibly other models.
Yes, CVE-2002-0109 allows remote attackers to exploit SNMP queries to gain sensitive information and manipulate router settings.
A temporary workaround for CVE-2002-0109 includes restricting access to the router's management interface to trusted IP addresses only.