CVE-2003-1085 - Vulnerability Details - OpenCVE

The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Thomson	Tcm Cable Modem Tcw Cable Modem

Configuration 1 [-]

OR	cpe:2.3:h:thomson:tcm_cable_modem:305:::::::*
	cpe:2.3:h:thomson:tcm_cable_modem:315:::::::*
	cpe:2.3:h:thomson:tcw_cable_modem:690:::::::*
	cpe:2.3:h:thomson:tcw_cable_modem:690_st42.03.0a:::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html
http://marc.info/?l=bugtraq&m=110888093214678&w=2
http://marc.info/?l=full-disclosure&m=110880725322192&w=2
http://secunia.com/advisories/10286
http://secunia.com/advisories/14353
http://www.securityfocus.com/archive/1/345414
http://www.securityfocus.com/bid/9091
http://www.shellsec.net/leer_advisory.php?id=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/13815

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-21T05:00:00

Updated: 2024-08-08T02:12:36.019Z

Reserved: 2005-02-21T00:00:00

Link: CVE-2003-1085

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-12-31T05:00:00.000

Modified: 2024-11-20T23:46:19.037

Link: CVE-2003-1085

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-11-23T00:00:00", "descriptions": [{"lang": "en", "value": "The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20031123 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html"}, {"name": "20050219 Thomson TCW690 Denial Of Service Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://marc.info/?l=full-disclosure&m=110880725322192&w=2"}, {"name": "20031124 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html"}, {"name": "14353", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/14353"}, {"name": "20050219 Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110888093214678&w=2"}, {"name": "thomson-http-get-dos(13815)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13815"}, {"name": "20031123 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/345414"}, {"tags": ["x_refsource_MISC"], "url": "http://www.shellsec.net/leer_advisory.php?id=2"}, {"name": "10286", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/10286"}, {"name": "9091", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/9091"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-1085", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20031123 Thomnson TCM315 Denial of service", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html"}, {"name": "20050219 Thomson TCW690 Denial Of Service Vulnerability", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure&m=110880725322192&w=2"}, {"name": "20031124 Thomnson TCM315 Denial of service", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html"}, {"name": "14353", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14353"}, {"name": "20050219 Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110888093214678&w=2"}, {"name": "thomson-http-get-dos(13815)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13815"}, {"name": "20031123 Thomnson TCM315 Denial of service", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/345414"}, {"name": "http://www.shellsec.net/leer_advisory.php?id=2", "refsource": "MISC", "url": "http://www.shellsec.net/leer_advisory.php?id=2"}, {"name": "10286", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10286"}, {"name": "9091", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9091"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:12:36.019Z"}, "title": "CVE Program Container", "references": [{"name": "20031123 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html"}, {"name": "20050219 Thomson TCW690 Denial Of Service Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://marc.info/?l=full-disclosure&m=110880725322192&w=2"}, {"name": "20031124 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html"}, {"name": "14353", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/14353"}, {"name": "20050219 Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=110888093214678&w=2"}, {"name": "thomson-http-get-dos(13815)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13815"}, {"name": "20031123 Thomnson TCM315 Denial of service", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/345414"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.shellsec.net/leer_advisory.php?id=2"}, {"name": "10286", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/10286"}, {"name": "9091", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/9091"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-1085", "datePublished": "2005-02-21T05:00:00", "dateReserved": "2005-02-21T00:00:00", "dateUpdated": "2024-08-08T02:12:36.019Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:thomson:tcm_cable_modem:305:*:*:*:*:*:*:*", "matchCriteriaId": "4345DB0F-8D10-4C35-86AB-85C659262F6D", "vulnerable": false}, {"criteria": "cpe:2.3:h:thomson:tcm_cable_modem:315:*:*:*:*:*:*:*", "matchCriteriaId": "6008DD57-117E-4486-A25E-94872AEB7993", "vulnerable": false}, {"criteria": "cpe:2.3:h:thomson:tcw_cable_modem:690:*:*:*:*:*:*:*", "matchCriteriaId": "930E334F-D6B4-4680-B0D8-A06A80D02BA8", "vulnerable": false}, {"criteria": "cpe:2.3:h:thomson:tcw_cable_modem:690_st42.03.0a:*:*:*:*:*:*:*", "matchCriteriaId": "71DA2A1A-4280-43F5-A82B-430A23DBA7C8", "vulnerable": false}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow."}], "id": "CVE-2003-1085", "lastModified": "2024-11-20T23:46:19.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=110888093214678&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure&m=110880725322192&w=2"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://secunia.com/advisories/10286"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://secunia.com/advisories/14353"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/archive/1/345414"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/9091"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.shellsec.net/leer_advisory.php?id=2"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13815"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014062.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/014068.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=110888093214678&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure&m=110880725322192&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://secunia.com/advisories/10286"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://secunia.com/advisories/14353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/archive/1/345414"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/9091"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.shellsec.net/leer_advisory.php?id=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13815"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}