CVE-2004-0580

Description

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

Software From Fixed in
linksys / befsr41 1.35 1.35.x
linksys / befsr41 1.36 1.36.x
linksys / befsr41 1.37 1.37.x
linksys / befsr41 1.38.5 1.38.5.x
linksys / befsr41 1.39 1.39.x
linksys / befsr41 1.40.2 1.40.2.x
linksys / befsr41 1.41 1.41.x
linksys / befsr41 1.42.3 1.42.3.x
linksys / befsr41 1.42.7 1.42.7.x
linksys / befsr41 1.43 1.43.x
linksys / befsr41 1.43.3 1.43.3.x
linksys / befsr41 1.44 1.44.x
linksys / befsr41 1.45.7 1.45.7.x
linksys / befn2ps4 - -
linksys / befn2ps4 1.42.7 1.42.7.x
linksys / befsr81 - -
linksys / befsr81 2.42.7.1 2.42.7.1.x
linksys / befsr81 2.44 2.44.x
linksys / befvp41 - -
linksys / befvp41 1.39.64 1.39.64.x
linksys / befvp41 1.40.3f 1.40.3f.x
linksys / befvp41 1.40.4 1.40.4.x
linksys / befvp41 1.42.7 1.42.7.x
linksys / befsr11 1.40.2 1.40.2.x
linksys / befsr11 1.41 1.41.x
linksys / befsr11 1.42.3 1.42.3.x
linksys / befsr11 1.42.7 1.42.7.x
linksys / befsr11 1.43 1.43.x
linksys / befsr11 1.43.3 1.43.3.x
linksys / befsr11 1.44 1.44.x
linksys / befsru31 1.40.2 1.40.2.x
linksys / befsru31 1.41 1.41.x
linksys / befsru31 1.42.3 1.42.3.x
linksys / befsru31 1.42.7 1.42.7.x
linksys / befsru31 1.43 1.43.x
linksys / befsru31 1.43.3 1.43.3.x
linksys / befsru31 1.44 1.44.x
linksys / befsx41 1.42.7 1.42.7.x
linksys / befsx41 1.43 1.43.x
linksys / befsx41 1.43.3 1.43.3.x
linksys / befsx41 1.43.4 1.43.4.x
linksys / befsx41 1.44 1.44.x
linksys / befsx41 1.44.3 1.44.3.x
linksys / befsx41 1.45.3 1.45.3.x
linksys / wap55ag 1.0.7 1.0.7.x
linksys / befcmu10 - -
linksys / befsr41w - -
linksys / wrt54g 1.42.3 1.42.3.x
linksys / wrt54g 2.00.8 2.00.8.x
linksys / rv082 - -