All the vulnerabilites related to cisco - 7600_router
cve-2012-4661
Vulnerability from cvelistv5
Published
2012-10-29 20:00
Modified
2024-08-06 20:42
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/55863 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/50857 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/86146 | vdb-entry, x_refsource_OSVDB | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79173 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:55.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55863"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86146",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86146"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"name": "cisco-fwsm-dcerpc-bo(79173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "55863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55863"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86146",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86146"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"name": "cisco-fwsm-dcerpc-bo(79173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-4661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55863"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "50857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86146",
"refsource": "OSVDB",
"url": "http://osvdb.org/86146"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"name": "cisco-fwsm-dcerpc-bo(79173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-4661",
"datePublished": "2012-10-29T20:00:00",
"dateReserved": "2012-08-24T00:00:00",
"dateUpdated": "2024-08-06T20:42:55.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4662
Vulnerability from cvelistv5
Published
2012-10-29 20:00
Modified
2024-08-06 20:42
Severity ?
EPSS score ?
Summary
The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/55862 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79174 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/86147 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/50857 | third-party-advisory, x_refsource_SECUNIA | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55862",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-fwsm-dcerpc-dos(79174)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
},
{
"name": "86147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86147"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "55862",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-fwsm-dcerpc-dos(79174)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
},
{
"name": "86147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86147"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-4662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-fwsm-dcerpc-dos(79174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
},
{
"name": "86147",
"refsource": "OSVDB",
"url": "http://osvdb.org/86147"
},
{
"name": "50857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50857"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-4662",
"datePublished": "2012-10-29T20:00:00",
"dateReserved": "2012-08-24T00:00:00",
"dateUpdated": "2024-08-06T20:42:54.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5584
Vulnerability from cvelistv5
Published
2007-12-20 02:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7 Application Inspections."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/26941 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39135 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/28175 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/39298 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1019120 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/4270 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:12.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071219 Application Inspection Vulnerability in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml"
},
{
"name": "26941",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26941"
},
{
"name": "cisco-fwsm-control-plane-dos(39135)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39135"
},
{
"name": "28175",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28175"
},
{
"name": "39298",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/39298"
},
{
"name": "1019120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019120"
},
{
"name": "ADV-2007-4270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4270"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted \"data in the control-plane path with Layer 7 Application Inspections.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20071219 Application Inspection Vulnerability in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml"
},
{
"name": "26941",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26941"
},
{
"name": "cisco-fwsm-control-plane-dos(39135)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39135"
},
{
"name": "28175",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28175"
},
{
"name": "39298",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/39298"
},
{
"name": "1019120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019120"
},
{
"name": "ADV-2007-4270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4270"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2007-5584",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted \"data in the control-plane path with Layer 7 Application Inspections.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071219 Application Inspection Vulnerability in Cisco Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml"
},
{
"name": "26941",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26941"
},
{
"name": "cisco-fwsm-control-plane-dos(39135)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39135"
},
{
"name": "28175",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28175"
},
{
"name": "39298",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/39298"
},
{
"name": "1019120",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019120"
},
{
"name": "ADV-2007-4270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4270"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2007-5584",
"datePublished": "2007-12-20T02:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-07T15:39:12.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6693
Vulnerability from cvelistv5
Published
2013-11-22 01:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=31861 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861"
},
{
"name": "20131121 Cisco IOS Software MLDP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:10:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861"
},
{
"name": "20131121 Cisco IOS Software MLDP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861"
},
{
"name": "20131121 Cisco IOS Software MLDP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6693",
"datePublished": "2013-11-22T01:00:00",
"dateReserved": "2013-11-07T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0537
Vulnerability from cvelistv5
Published
2008-03-27 10:00
Modified
2024-08-07 07:46
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41466 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/29559 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.us-cert.gov/cas/techalerts/TA08-087B.html | third-party-advisory, x_refsource_CERT | |
| http://www.vupen.com/english/advisories/2008/1005/references | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1019716 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/28463 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-catalyst-sup-rsp-dos(41466)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
},
{
"name": "29559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29559"
},
{
"name": "TA08-087B",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
},
{
"name": "ADV-2008-1005",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1005/references"
},
{
"name": "20080326 Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
},
{
"name": "1019716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019716"
},
{
"name": "28463",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28463"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-catalyst-sup-rsp-dos(41466)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
},
{
"name": "29559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29559"
},
{
"name": "TA08-087B",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
},
{
"name": "ADV-2008-1005",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1005/references"
},
{
"name": "20080326 Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
},
{
"name": "1019716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019716"
},
{
"name": "28463",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28463"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-0537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-catalyst-sup-rsp-dos(41466)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
},
{
"name": "29559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29559"
},
{
"name": "TA08-087B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
},
{
"name": "ADV-2008-1005",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1005/references"
},
{
"name": "20080326 Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
},
{
"name": "1019716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019716"
},
{
"name": "28463",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28463"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-0537",
"datePublished": "2008-03-27T10:00:00",
"dateReserved": "2008-01-31T00:00:00",
"dateUpdated": "2024-08-07T07:46:55.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1622
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:19.874106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:59:58.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-833",
"description": "CWE-833",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:25:09",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx"
}
],
"source": {
"advisory": "cisco-sa-cbr8-cops-Vc2ZsJSx",
"defect": [
[
"CSCvw49029"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1622",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-833"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx"
}
]
},
"source": {
"advisory": "cisco-sa-cbr8-cops-Vc2ZsJSx",
"defect": [
[
"CSCvw49029"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1622",
"datePublished": "2021-09-23T02:25:10.088381Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:59:58.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1111
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.us-cert.gov/cas/techalerts/TA04-316A.html | third-party-advisory, x_refsource_CERT | |
| http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.kb.cert.org/vuls/id/630104 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18021 | vdb-entry, x_refsource_XF | |
| http://www.ciac.org/ciac/bulletins/p-034.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5632",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
},
{
"name": "TA04-316A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
},
{
"name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
},
{
"name": "VU#630104",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/630104"
},
{
"name": "cisco-ios-dhcp-dos(18021)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
},
{
"name": "P-034",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5632",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
},
{
"name": "TA04-316A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
},
{
"name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
},
{
"name": "VU#630104",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/630104"
},
{
"name": "cisco-ios-dhcp-dos(18021)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
},
{
"name": "P-034",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5632",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
},
{
"name": "TA04-316A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
},
{
"name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
},
{
"name": "VU#630104",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/630104"
},
{
"name": "cisco-ios-dhcp-dos(18021)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
},
{
"name": "P-034",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1111",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4663
Vulnerability from cvelistv5
Published
2012-10-29 20:00
Modified
2024-08-06 20:42
Severity ?
EPSS score ?
Summary
The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/55862 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79175 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/50857 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/86148 | vdb-entry, x_refsource_OSVDB | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:55.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55862",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-dcerpc-dos(79175)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79175"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86148",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86148"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "55862",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-dcerpc-dos(79175)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79175"
},
{
"name": "50857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86148",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86148"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-4663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"name": "cisco-dcerpc-dos(79175)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79175"
},
{
"name": "50857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50857"
},
{
"name": "86148",
"refsource": "OSVDB",
"url": "http://osvdb.org/86148"
},
{
"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-4663",
"datePublished": "2012-10-29T20:00:00",
"dateReserved": "2012-08-24T00:00:00",
"dateUpdated": "2024-08-06T20:42:55.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-10-29 20:55
Modified
2024-11-21 01:43
Severity ?
Summary
Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 8.3\(1\) | |
| cisco | adaptive_security_appliance_software | 8.3\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4 | |
| cisco | adaptive_security_appliance_software | 8.4\(1\) | |
| cisco | adaptive_security_appliance_software | 8.4\(1.11\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2.11\) | |
| cisco | adaptive_security_appliance_software | 8.5 | |
| cisco | adaptive_security_appliance_software | 8.5\(1\) | |
| cisco | adaptive_security_appliance_software | 8.5\(1.4\) | |
| cisco | adaptive_security_appliance_software | 8.6 | |
| cisco | adaptive_security_appliance_software | 8.6\(1\) | |
| cisco | 5500_series_adaptive_security_appliance | * | |
| cisco | 7600_router | * | |
| cisco | catalyst_6500 | * | |
| cisco | catalyst_6503-e | - | |
| cisco | catalyst_6504-e | - | |
| cisco | catalyst_6506-e | - | |
| cisco | catalyst_6509-e | - | |
| cisco | catalyst_6509-neb-a | - | |
| cisco | catalyst_6509-v-e | - | |
| cisco | catalyst_6513 | - | |
| cisco | catalyst_6513-e | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BFCE154-6582-49E2-9B9D-641986B7D653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "563181F6-6A37-496B-AE25-0D03214BA7BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."
},
{
"lang": "es",
"value": "El motor de inspecci\u00f3n DCERPC en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el M\u00f3dulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versi\u00f3n del software anterior a la v8.3(2.25), v8.4 antes de v8.4 (2,5) y v8.5 antes de v8.5(1.13) y v8.6 antes de v8.6(1.3) y el m\u00f3dulo Firewall Services Module (FWSM) v4.1 antes de v4.1(7) en los switches Cisco Catalyst 6500 y los routers de la serie 7600, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete DCERPC modificado, tambi\u00e9n conocido como bug CSCtr21359 y CSCtr27522."
}
],
"id": "CVE-2012-4661",
"lastModified": "2024-11-21T01:43:18.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-29T20:55:01.257",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86146"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55863"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | * | |
| cisco | ios_xe | 17.3.1x | |
| cisco | 7600_router | - | |
| cisco | asr_901-12c-f-d | - | |
| cisco | asr_901-12c-ft-d | - | |
| cisco | asr_901-4c-f-d | - | |
| cisco | asr_901-4c-ft-d | - | |
| cisco | asr_901-6cz-f-a | - | |
| cisco | asr_901-6cz-f-d | - | |
| cisco | asr_901-6cz-fs-a | - | |
| cisco | asr_901-6cz-fs-d | - | |
| cisco | asr_901-6cz-ft-a | - | |
| cisco | asr_901-6cz-ft-d | - | |
| cisco | cbr-8 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F28F7CDF-B79D-4856-868E-F375BEA297F5",
"versionEndExcluding": "16.12.1z1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7600_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F65D6BF2-7016-4C1C-93BC-F5742F299607",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB77D0EC-A448-4D97-8EB0-EA4956549A52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. This vulnerability is due to a deadlock condition in the code when processing COPS packets under certain conditions. An attacker could exploit this vulnerability by sending COPS packets with high burst rates to an affected device. A successful exploit could allow the attacker to cause the CPU to consume excessive resources, which prevents other control plane processes from obtaining resources and results in a DoS."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Servicio de Pol\u00edtica Abierta Com\u00fan (COPS) de Cisco IOS XE Software para Cisco cBR-8 Converged Broadband Routers podr\u00eda permitir a un atacante remoto no autenticado causar el agotamiento de los recursos, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a una condici\u00f3n de bloqueo en el c\u00f3digo cuando se procesan paquetes COPS bajo determinadas condiciones. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes COPS con altas tasas de r\u00e1fagas a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el consumo excesivo de recursos de la CPU, que impide que otros procesos del plano de control obtengan recursos y resulta en una DoS"
}
],
"id": "CVE-2021-1622",
"lastModified": "2024-11-21T05:44:45.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T03:15:13.353",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8-cops-Vc2ZsJSx"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-833"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-29 20:55
Modified
2024-11-21 01:43
Severity ?
Summary
The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 8.3\(1\) | |
| cisco | adaptive_security_appliance_software | 8.3\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4 | |
| cisco | adaptive_security_appliance_software | 8.4\(1\) | |
| cisco | adaptive_security_appliance_software | 8.4\(1.11\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2.11\) | |
| cisco | adaptive_security_appliance_software | 8.5 | |
| cisco | adaptive_security_appliance_software | 8.5\(1\) | |
| cisco | adaptive_security_appliance_software | 8.5\(1.4\) | |
| cisco | 5500_series_adaptive_security_appliance | * | |
| cisco | 7600_router | * | |
| cisco | catalyst_6500 | * | |
| cisco | catalyst_6503-e | - | |
| cisco | catalyst_6504-e | - | |
| cisco | catalyst_6506-e | - | |
| cisco | catalyst_6509-e | - | |
| cisco | catalyst_6509-neb-a | - | |
| cisco | catalyst_6509-v-e | - | |
| cisco | catalyst_6513 | - | |
| cisco | catalyst_6513-e | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524."
},
{
"lang": "es",
"value": "El motor de inspecci\u00f3n DCERPC en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el M\u00f3dulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versi\u00f3n del software anterior a la v8.3(2.25), v8.4 antes de v8.4 (2,5) y v8.5 antes de v8.5(1.13) y el Firewall Services Module (FWSM) v4.1 antes de v4.1(7) en los switches Cisco Catalyst 6500 y los routers de la serie 7600, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete DCERPC modificado, tambi\u00e9n conocido como bug CSCtr21376 y CSCtr27524.\r\n\r\n\r\n"
}
],
"id": "CVE-2012-4662",
"lastModified": "2024-11-21T01:43:18.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-29T20:55:01.307",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86147"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-20 02:46
Modified
2024-11-21 00:38
Severity ?
Summary
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7 Application Inspections."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | 7600_router | * | |
| cisco | catalyst_6500 | * | |
| cisco | firewall_services_module | 3.2\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:3.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D03FB87-63DE-45D0-ABB5-5209547F7166",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted \"data in the control-plane path with Layer 7 Application Inspections.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Cisco Firewall Services Module (FWSM) 3.2(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante \"datos manipulados en la ruta del plano de control con Inspecciones de Capa 7 de Applicaci\u00f3n\"."
}
],
"id": "CVE-2007-5584",
"lastModified": "2024-11-21T00:38:15.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-20T02:46:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/28175"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.osvdb.org/39298"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26941"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1019120"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2007/4270"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/39298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39135"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-22 01:55
Modified
2024-11-21 01:59
Severity ?
Summary
The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E01C8A6F-C3C1-476F-AE1A-CF2327ADA912",
"versionEndIncluding": "15.3\\(3\\)s",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "36979139-66D2-40DD-A865-547BA9D49786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "2D105A75-3C37-4B44-8248-6037C98F2F93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345."
},
{
"lang": "es",
"value": "La implementaci\u00f3n MLDP en Cisco IOS 15.3(3)S y anteriores versiones de routers 7600, cuando son configurados varios VRFs, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de chunk y reinicio del dispositivo) mediante el establecimiento de varios flujos multidifusi\u00f3n, tambi\u00e9n conocido como Bug IDCSCue22345."
}
],
"id": "CVE-2013-6693",
"lastModified": "2024-11-21T01:59:34.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-22T01:55:04.073",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31861"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-27 10:44
Modified
2024-11-21 00:42
Severity ?
Summary
Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | 7600_router | * | |
| cisco | catalyst_6500 | * | |
| cisco | me_6524_ethernet_switch | * | |
| cisco | route_switch_processor | rsp720 | |
| cisco | supervisor_engine | sup32 | |
| cisco | supervisor_engine | sup720 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:me_6524_ethernet_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6188EAF7-F61F-44D9-8D8A-AED195D045F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:route_switch_processor:rsp720:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC994F2-CD1D-4B42-A92F-EF01BBBD59BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:supervisor_engine:sup32:*:*:*:*:*:*:*",
"matchCriteriaId": "99A3D8A9-FFD2-4DAC-997A-0E118878A360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:supervisor_engine:sup720:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ECF6D1-A7AB-4149-943E-F011038F6C40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidades no especificadas en Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), y Route Switch Processor 720 (RSP720) para m\u00faltiples productos de Cisco, cuando utilizan Multi Protocol Label Switching (MPLS) VPN y OSPF sham-link, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cola bloqueada, dispositivo reiniciado, o fuga de memoria) a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2008-0537",
"lastModified": "2024-11-21T00:42:20.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-27T10:44:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29559"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/28463"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1019716"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1005/references"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1005/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-29 20:55
Modified
2024-11-21 01:43
Severity ?
Summary
The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 8.3\(1\) | |
| cisco | adaptive_security_appliance_software | 8.3\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4 | |
| cisco | adaptive_security_appliance_software | 8.4\(1\) | |
| cisco | adaptive_security_appliance_software | 8.4\(1.11\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2\) | |
| cisco | adaptive_security_appliance_software | 8.4\(2.11\) | |
| cisco | adaptive_security_appliance_software | 8.5 | |
| cisco | adaptive_security_appliance_software | 8.5\(1\) | |
| cisco | adaptive_security_appliance_software | 8.5\(1.4\) | |
| cisco | 5500_series_adaptive_security_appliance | * | |
| cisco | 7600_router | * | |
| cisco | catalyst_6500 | * | |
| cisco | catalyst_6503-e | - | |
| cisco | catalyst_6504-e | - | |
| cisco | catalyst_6506-e | - | |
| cisco | catalyst_6509-e | - | |
| cisco | catalyst_6509-neb-a | - | |
| cisco | catalyst_6509-v-e | - | |
| cisco | catalyst_6513 | - | |
| cisco | catalyst_6513-e | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21346 and CSCtr27521."
},
{
"lang": "es",
"value": "El motor de inspecci\u00f3n DCERPC en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el M\u00f3dulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versi\u00f3n del software anterior a la v8.3(2.25), v8.4 antes de v8.4 (2,5) y v8.5 antes de v8.5(1.13) y el Firewall Services Module (FWSM) v4.1 antes de v4.1(7) en los switches Cisco Catalyst 6500 y los routers de la serie 7600, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete DCERPC modificado, tambi\u00e9n conocido como bug CSCtr21346 y CSCtr27521.\r\n"
}
],
"id": "CVE-2012-4663",
"lastModified": "2024-11-21T01:43:18.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-29T20:55:01.353",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86148"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79175"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 12.2\(14\)sz | |
| cisco | ios | 12.2\(18\)ew | |
| cisco | ios | 12.2\(18\)ewa | |
| cisco | ios | 12.2\(18\)s | |
| cisco | ios | 12.2\(18\)se | |
| cisco | ios | 12.2\(18\)sv | |
| cisco | ios | 12.2\(18\)sw | |
| cisco | ios | 12.2\(20\)ew | |
| cisco | multiservice_platform_2650 | * | |
| cisco | multiservice_platform_2650xm | * | |
| cisco | multiservice_platform_2651 | * | |
| cisco | multiservice_platform_2651xm | * | |
| cisco | 7200_router | * | |
| cisco | 7300_router | * | |
| cisco | 7500_router | * | |
| cisco | 7600_router | * | |
| cisco | catalyst_7600 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "9E49B392-5366-422D-A10E-EE4F3A33C4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ewa:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF707A6-5834-4295-8B38-17F279D49C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0E67EE-AF42-4B53-B70A-45562CE164D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "9E319ADC-C636-4933-BD50-B613677AD4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*",
"matchCriteriaId": "1A15042D-EB07-4754-8144-947CDE669CAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*",
"matchCriteriaId": "E58F4903-E834-4476-876F-8C144BD93D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "955BF110-FFBE-4368-BE06-21AC794C53AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92D41983-E6A8-4481-AA08-42DC92EC57EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6E0CA8-C89C-4CDD-8063-B10E6C122F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19293B13-7FB1-4604-923D-E8760902E8BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E13135-48E1-4D8C-9C0D-4EBD9A858CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DEA083-B9BC-42DB-A4F7-986A5A185DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "239E1E03-7F82-48CE-943A-9228C9EDCF9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCFAA111-F831-4BC9-BCD7-246ED6C0F3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*",
"matchCriteriaId": "6D4F49E8-9C23-422C-9913-9C11E7F9BF9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
}
],
"id": "CVE-2004-1111",
"lastModified": "2024-11-20T23:50:07.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/630104"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/630104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}