IPA/ISEC：Vulnerabilities：Security Alert for Vulnerability in Cisco Linksys WRT54GC

Published: Jan 21, 2011
>> JAPANESE

1.Overview

Cisco Linksys WRT54GC is a router to interconnect the networks developed by Cisco Systems, Inc. Cisco Linksys WRT54GC is vulnerable to buffer overflow due to a flaw in processing the maliciously crafted HTTP requests. If exploited, the vulnerability could allow an attacker to render Cisco Linksys WRT54GC unresponsive.

Get the fixed version at the following URL and update the software.:
http://tools.cisco.com/security/center/viewAlert.x?alertId=22228

For the latest information, refer to the following URL:
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000007

The IPA first received a report concerning this vulnerability through the creditee below and the JPCERT Coordination Center (JPCERT/CC), in line with the Information Security Early Warning Partnership, made adjustments to clarify the matter with the vendor, and made the announcement public on January 21, 2011.

2.Impact

An attacker could render Cisco Linksys WRT54GC unresponsive.

3.Solution

To fix this vulnerability, update the firmware to the fixed one provided by the developer.

4.CVSS Severity

(1)Evaluation Result

(2) Base Score Metrics

■:Selected Values

5.CWE Type

This vulnerability has been CWE classified as "Buffer Errors (CWE-119)".

Contact