Overview
The AirSpan WiMAX ProST contains an authentication bypass vulnerability that could allow an unauthenticated, remote attacker to make arbitrary configuration changes.
Description
The AirSpan WiMAX ProST is customer premise equipment that provides WiMAX wireless networking. The web management interface of the Airspan WiMax ProST does not properly authenticate HTTP POST requests. |
Impact
By sending HTTP POST requests to a vulnerable ProST device, a remote, unauthenticated attacker may be able to make arbitrary configuration changes. The attacker could potentially disable the device by uploading an invalid firmware image. |
Solution
Upgrade From AirSpan WiMAX product bulletin PB/ASM/2008/016 Rev A: |
Restrict access |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- |
| Temporal | 0 | E:ND/RL:ND/RC:ND |
| Environmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
- http://www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=30887
- http://www.airspan.com/products_wimax_custprem_ProST.aspx
- http://www.sharemethods.net/nepal/servlet/open?keeppath=false&aid=29820
- http://www.wimaxforum.org/home/
- http://grouper.ieee.org/groups/802/16/
- http://en.wikipedia.org/wiki/WiMAX
- http://www.0x000000.com/?i=524
- http://airspan4wimax.googlepages.com/
Acknowledgements
Thanks to Arthur Lashin for reporting this vulnerability and Francis Lacoste-Cordeau for information that was used in this report..
This document was written by Ryan Giobbi.
Other Information
| CVE IDs: | CVE-2008-1262 |
| Severity Metric: | 6.48 |
| Date Public: | 2008-03-06 |
| Date First Published: | 2008-03-06 |
| Date Last Updated: | 2008-04-10 16:25 UTC |
| Document Revision: | 32 |