CVE-2001-1425

Summary

CVE	CVE-2001-1425
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2001-04-10 04:00:00 UTC
Updated	2017-07-11 01:29:00 UTC
Description	The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Alcatel	Speed Touch Home	khdsaa.108	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.132	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.133	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.134	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.108	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.132	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.133	All	All	All
Hardware	Alcatel	Speed Touch Home	khdsaa.134	All	All	All

References

Reference	Source	Link	Tags
CERT Advisory CA-2001-08 Multiple Vulnerabilities in Alcatel ADSL Modems	CERT	www.cert.org	US Government Resource
Multiple Vulnerabilities in Alcatel ADSL-Ethernet Bridge devices	MISC	security.sdsc.edu
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Alcatel Speed Touch ADSL Insecure Administration Interface Vulnerability	BID	www.securityfocus.com	Vendor Advisory
SecurityFocus	BUGTRAQ	www.securityfocus.com
CERT/CC Vulnerability Note VU#243592	CERT-VN	www.kb.cert.org	US Government Resource
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.