CVE-2009-4409
Published Dec 23, 2009
Last updated 15 years ago
Overview
- Description
- The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:1.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AB18B1D-6DB6-4096-83EC-9608678218DE"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F9B7A67-49CD-4D42-B5C5-E45BE775EDB5"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB22791F-D919-4B32-86E7-83ACBE6D4F03"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D36BD6C-7802-473A-B8A1-BD4D687F3AEC"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8617348-4572-4277-AFB4-241F4A38687F"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D73D5590-F721-4A8C-95D8-B396198FB27D"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6382F122-161C-433D-AF82-0E8E4073A392"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4772B30-D3E3-49AC-86F7-CEAE59CECE02"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "477AEE25-5F49-4DCA-95C3-61DF83E4E91D"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "558625E8-5613-4993-84DF-C0ECF0C92325"
},
{
"criteria": "cpe:2.3:h:iij:seil\\/b1:2.52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D4BB407-DECF-4E84-BF99-9CE2A93A84A7"
}
],
"operator": "OR"
}
]
}
]