Search criteria
8 vulnerabilities found for mms-ease by sisco
VAR-200512-0384
Vulnerability from variot - Updated: 2023-12-18 13:54The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. A vulnerability exists in the SISCO OSI stack for Windows. If successfully exploited, an attacker could cause a denial-of-service condition. The Inter-control Center Communications Protocol (ICCP) is a protocol for communicating data in the control center of a SCADA network. A remote attacker can exploit the vulnerability to perform a denial of service attack on the service. The SISCO OSI stack on the Windows platform incorrectly handles malformed packets, and remote unauthenticated users can perform denial of service attacks on services. This issue allows remote, unauthenticated attackers to crash affected applications, denying further service to legitimate users.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: SISCO OSI Stack Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA22047
VERIFY ADVISORY: http://secunia.com/advisories/22047/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: SISCO MMS-EASE 7.x http://secunia.com/product/12072/ SISCO ICCP Toolkit for MMS-EASE 4.x http://secunia.com/product/12073/ SISCO AX-S4 MMS 5.x http://secunia.com/product/12071/ SISCO AX-S4 ICCP 3.x http://secunia.com/product/12070/
DESCRIPTION: A vulnerability has been reported in various SISCO products, which can be exploited by malicious people to cause a DoS (Denial of Service).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: SISCO: http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf
OTHER REFERENCES: US-CERT VU#468798: http://www.kb.cert.org/vuls/id/468798
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0384",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mms-ease",
"scope": "lte",
"trust": 1.0,
"vendor": "sisco",
"version": "7.10"
},
{
"model": "iccp toolkit for mms-ease",
"scope": "lte",
"trust": 1.0,
"vendor": "sisco",
"version": "4.10"
},
{
"model": "ax-s4 iccp",
"scope": "lte",
"trust": 1.0,
"vendor": "sisco",
"version": "3.0103"
},
{
"model": "ax-s4 mms",
"scope": "lte",
"trust": 1.0,
"vendor": "sisco",
"version": "5.01"
},
{
"model": "mms-ease",
"scope": "eq",
"trust": 0.9,
"vendor": "sisco",
"version": "7.10"
},
{
"model": "iccp toolkit for mms-ease",
"scope": "eq",
"trust": 0.9,
"vendor": "sisco",
"version": "4.10"
},
{
"model": "ax-s4 mms",
"scope": "eq",
"trust": 0.9,
"vendor": "sisco",
"version": "5.01"
},
{
"model": "ax-s4 iccp",
"scope": "eq",
"trust": 0.9,
"vendor": "sisco",
"version": "3.0103"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sisco integration specialists",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "iso stack",
"scope": "eq",
"trust": 0.3,
"vendor": "sisco",
"version": "3"
},
{
"model": "mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "8.03"
},
{
"model": "iccp toolkit for mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "5.03"
},
{
"model": "ax-s4 mms",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "5.02"
},
{
"model": "ax-s4 iccp",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "3.0155"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"db": "BID",
"id": "20130"
},
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sisco:mms-ease:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sisco:ax-s4_iccp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0103",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sisco:ax-s4_mms:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sisco:iccp_toolkit_for_mms-ease:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4812"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SISCOhttp://www.sisconet.com/products.htm",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
],
"trust": 0.6
},
"cve": "CVE-2005-4812",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d72a49f-463f-11e9-a242-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-4812",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#468798",
"trust": 0.8,
"value": "0.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-881",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. A vulnerability exists in the SISCO OSI stack for Windows. If successfully exploited, an attacker could cause a denial-of-service condition. The Inter-control Center Communications Protocol (ICCP) is a protocol for communicating data in the control center of a SCADA network. A remote attacker can exploit the vulnerability to perform a denial of service attack on the service. The SISCO OSI stack on the Windows platform incorrectly handles malformed packets, and remote unauthenticated users can perform denial of service attacks on services. \nThis issue allows remote, unauthenticated attackers to crash affected applications, denying further service to legitimate users. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nSISCO OSI Stack Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22047\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22047/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSISCO MMS-EASE 7.x\nhttp://secunia.com/product/12072/\nSISCO ICCP Toolkit for MMS-EASE 4.x\nhttp://secunia.com/product/12073/\nSISCO AX-S4 MMS 5.x\nhttp://secunia.com/product/12071/\nSISCO AX-S4 ICCP 3.x\nhttp://secunia.com/product/12070/\n\nDESCRIPTION:\nA vulnerability has been reported in various SISCO products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nSISCO:\nhttp://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf\n\nOTHER REFERENCES:\nUS-CERT VU#468798:\nhttp://www.kb.cert.org/vuls/id/468798\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"db": "BID",
"id": "20130"
},
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "50214"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#468798",
"trust": 3.4
},
{
"db": "BID",
"id": "20130",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "22047",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3733",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2005-4812",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2006-7240",
"trust": 1.0
},
{
"db": "XF",
"id": "29072",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "9306",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D72A49F-463F-11E9-A242-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F56FEE0E-1FF5-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "50214",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"db": "BID",
"id": "20130"
},
{
"db": "PACKETSTORM",
"id": "50214"
},
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"id": "VAR-200512-0384",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
}
]
},
"last_update_date": "2023-12-18T13:54:14.660000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4812"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.sisconet.com/downloads/nessus_vulnerability_announcement.pdf"
},
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22047"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/20130"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
},
{
"trust": 0.8,
"url": "http://www.faqs.org/rfcs/rfc1006.html"
},
{
"trust": 0.8,
"url": "http://www.sisconet.com/downloads/mmsovrlg.pdf"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/29072"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3733"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/9306"
},
{
"trust": 0.3,
"url": "http://www.sisconet.com/products.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12070/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12073/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22047/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12071/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12072/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"db": "BID",
"id": "20130"
},
{
"db": "PACKETSTORM",
"id": "50214"
},
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#468798"
},
{
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"db": "BID",
"id": "20130"
},
{
"db": "PACKETSTORM",
"id": "50214"
},
{
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-21T00:00:00",
"db": "IVD",
"id": "7d72a49f-463f-11e9-a242-000c29342cb1"
},
{
"date": "2006-09-21T00:00:00",
"db": "IVD",
"id": "f56fee0e-1ff5-11e6-abef-000c29c66e3d"
},
{
"date": "2006-09-20T00:00:00",
"db": "CERT/CC",
"id": "VU#468798"
},
{
"date": "2006-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"date": "2006-09-20T00:00:00",
"db": "BID",
"id": "20130"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50214"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-07-21T00:00:00",
"db": "CERT/CC",
"id": "VU#468798"
},
{
"date": "2006-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-7240"
},
{
"date": "2006-09-21T19:46:00",
"db": "BID",
"id": "20130"
},
{
"date": "2017-07-20T01:29:25.003000",
"db": "NVD",
"id": "CVE-2005-4812"
},
{
"date": "2006-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SISCO OSI stack fails to properly validate packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#468798"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-881"
}
],
"trust": 0.6
}
}
VAR-201612-0252
Vulnerability from variot - Updated: 2023-12-18 10:47The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. (CPU consumption of resources ) It may be in a state. SISCOMMS-EASE and AX-S4ICCP are products of SISCO Corporation of the United States. The former is a set of C language programming interface (API) for MMS (manufacturing message specification), and the latter is a set of data sharing software. SNAP-LiteUtility is one of the data mining and analysis components. There are security vulnerabilities in the SNAP-LiteUtility component V3.2000 in the SISCOMMS-EASE and AX-S4ICCP products. SISCO SNAP-Lite Utility is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the application to enter an infinite loop and consume excessive CPU resources, resulting in denial-of-service conditions. SISCO SNAP-Lite Utility 3.2000 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0252",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mms-ease",
"scope": "eq",
"trust": 1.9,
"vendor": "sisco",
"version": "11.2000"
},
{
"model": "ax-s4 iccp",
"scope": "eq",
"trust": 1.9,
"vendor": "sisco",
"version": "6.0000"
},
{
"model": "mms-ease",
"scope": null,
"trust": 1.6,
"vendor": "sisco",
"version": null
},
{
"model": "ax-s4 iccp",
"scope": null,
"trust": 1.6,
"vendor": "sisco",
"version": null
},
{
"model": "ax-s4 iccp",
"scope": "eq",
"trust": 0.6,
"vendor": "sisco",
"version": "3.2000"
},
{
"model": "mms-ease",
"scope": "eq",
"trust": 0.6,
"vendor": "sisco",
"version": "3.2000"
},
{
"model": "snap-lite utility",
"scope": "eq",
"trust": 0.3,
"vendor": "sisco",
"version": "3.2000"
},
{
"model": "snap-lite utility",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "3.2000.2"
},
{
"model": "mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "11.8000.2"
},
{
"model": "mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "11.8000.1"
},
{
"model": "mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "11.3000.3"
},
{
"model": "mms-ease",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "11.2000.2"
},
{
"model": "ax-s4 iccp",
"scope": "ne",
"trust": 0.3,
"vendor": "sisco",
"version": "6.0200"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "BID",
"id": "95022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sisco:mms-ease_firmware:11.2000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:sisco:mms-ease:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sisco:ax-s4_iccp_firmware:6.0000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:sisco:ax-s4_iccp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6574"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jerzy Kramarz of Portcullis.",
"sources": [
{
"db": "BID",
"id": "95022"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6574",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-6574",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-13114",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-84535",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-6574",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6574",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-13114",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-530",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-84535",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-6574",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. (CPU consumption of resources ) It may be in a state. SISCOMMS-EASE and AX-S4ICCP are products of SISCO Corporation of the United States. The former is a set of C language programming interface (API) for MMS (manufacturing message specification), and the latter is a set of data sharing software. SNAP-LiteUtility is one of the data mining and analysis components. There are security vulnerabilities in the SNAP-LiteUtility component V3.2000 in the SISCOMMS-EASE and AX-S4ICCP products. SISCO SNAP-Lite Utility is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause the application to enter an infinite loop and consume excessive CPU resources, resulting in denial-of-service conditions. \nSISCO SNAP-Lite Utility 3.2000 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "BID",
"id": "95022"
},
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "VULMON",
"id": "CVE-2015-6574"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6574",
"trust": 4.3
},
{
"db": "BID",
"id": "95022",
"trust": 2.7
},
{
"db": "SIEMENS",
"id": "SSA-223771",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-13114",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84535",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-14",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6574",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"db": "BID",
"id": "95022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"id": "VAR-201612-0252",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "VULHUB",
"id": "VHN-84535"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
}
]
},
"last_update_date": "2023-12-18T10:47:59.099000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Vulnerability\u00a0Disclosure\u00a0for\u00a0CVE-2015-6574",
"trust": 0.8,
"url": "https://www.sisconet.com/wp-content/uploads/2016/04/secnote_cve-2015-6574-portcullis-20160426.pdf"
},
{
"title": "Patch for SISCOMMS-EASE and AX-S4ICCP Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/86585"
},
{
"title": "SISCO MMS-EASE and AX-S4 ICCP Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=66459"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
},
{
"problemtype": "resource management issues (CWE-399) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.sisconet.com/wp-content/uploads/2016/04/secnote_cve-2015-6574-portcullis-20160426.pdf"
},
{
"trust": 2.1,
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-6574/"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/95022"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223771.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6574"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.3,
"url": "http://www.sisconet.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-14"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"db": "BID",
"id": "95022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"db": "VULHUB",
"id": "VHN-84535"
},
{
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"db": "BID",
"id": "95022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"date": "2016-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-84535"
},
{
"date": "2016-12-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"date": "2016-01-13T00:00:00",
"db": "BID",
"id": "95022"
},
{
"date": "2017-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"date": "2016-12-15T22:59:00.413000",
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"date": "2016-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-13114"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84535"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6574"
},
{
"date": "2017-01-12T02:04:00",
"db": "BID",
"id": "95022"
},
{
"date": "2022-12-19T08:21:00",
"db": "JVNDB",
"id": "JVNDB-2015-007311"
},
{
"date": "2022-12-13T12:15:17.873000",
"db": "NVD",
"id": "CVE-2015-6574"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific \u00a0SISCO\u00a0MMS-EASE\u00a0 and \u00a0AX-S4\u00a0ICCP\u00a0 of the product \u00a0SNAP\u00a0Lite\u00a0 Denial of service in components \u00a0(DoS)\u00a0 Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007311"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-530"
}
],
"trust": 0.6
}
}
FKIE_CVE-2006-6489
Vulnerability from fkie_nvd - Published: 2007-01-18 02:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sisco | ax-s4_iccp | 3.0103 | |
| sisco | ax-s4_iccp | 3.0155 | |
| sisco | ax-s4_mms | 5.01 | |
| sisco | ax-s4_mms | 5.02 | |
| sisco | iccp_toolkit | 4.10_for_mms-ease | |
| sisco | iccp_toolkit | 5.03_for_mms-ease | |
| sisco | iso_stack | 3 | |
| sisco | mms-ease | 7.10 | |
| sisco | mms-ease | 8.03 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sisco:ax-s4_iccp:3.0103:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6D8D02-23C8-4179-A51E-49C1DEBB9887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:ax-s4_iccp:3.0155:*:*:*:*:*:*:*",
"matchCriteriaId": "70E95C78-669C-4C4E-A371-EB8A2E5AAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:ax-s4_mms:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9235F452-D257-4ED0-AF69-8822AB5BC1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:ax-s4_mms:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "99E1AC40-D010-4CFC-AAF6-B34AF1D424CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:iccp_toolkit:4.10_for_mms-ease:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDEA8B8-6F93-4147-A895-2B7ED1405173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:iccp_toolkit:5.03_for_mms-ease:*:*:*:*:*:*:*",
"matchCriteriaId": "B935268E-F399-43F5-9C4D-A734AEF536E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:iso_stack:3:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC2DA49-D5C7-4F4E-AB60-96E3BDB74124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:mms-ease:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D087740-2C93-41A6-A889-9CAAF8A2F6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:mms-ease:8.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E34A9FE8-5553-4F76-BD1F-D5588701A56D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets."
},
{
"lang": "es",
"value": "La pila del SISCO OSI, como la usada en el SISCO MMS-EASE, ICCP Toolkit para MMS-EASE, AX-S4 MMS y AX-S4 ICCP y posiblemente otras aplicaciones de sistemas de control, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (terminaci\u00f3n de la aplicaci\u00f3n y reseteo) a trav\u00e9s de paquetes mal formados."
}
],
"id": "CVE-2006-6489",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-18T02:28:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/32924"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/23819"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"source": "cret@cert.org",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/22095"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0237"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-4812
Vulnerability from fkie_nvd - Published: 2005-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sisco | ax-s4_iccp | * | |
| sisco | ax-s4_mms | * | |
| sisco | iccp_toolkit_for_mms-ease | * | |
| sisco | mms-ease | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sisco:ax-s4_iccp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB54DC0E-F2E2-4283-AFA1-4A6BE721F92D",
"versionEndIncluding": "3.0103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:ax-s4_mms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41A68A53-9DEE-4C33-88EB-2CEBA4C2A3D0",
"versionEndIncluding": "5.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:iccp_toolkit_for_mms-ease:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E738906E-A93A-485B-B6DF-0233AAEA7B67",
"versionEndIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sisco:mms-ease:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D4BEFA-E545-4C32-8F79-EB924406436A",
"versionEndIncluding": "7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan."
}
],
"id": "CVE-2005-4812",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22047"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20130"
},
{
"source": "cve@mitre.org",
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-6489 (GCVE-0-2006-6489)
Vulnerability from cvelistv5 – Published: 2007-01-18 02:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-01-23T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "22095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-6489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"refsource": "OSVDB",
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2006-6489",
"datePublished": "2007-01-18T02:00:00",
"dateReserved": "2006-12-12T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4812 (GCVE-0-2005-4812)
Vulnerability from cvelistv5 – Published: 2006-09-23 10:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"name": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf",
"refsource": "CONFIRM",
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4812",
"datePublished": "2006-09-23T10:00:00",
"dateReserved": "2006-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6489 (GCVE-0-2006-6489)
Vulnerability from nvd – Published: 2007-01-18 02:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-01-23T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "22095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-6489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22095"
},
{
"name": "23819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23819"
},
{
"name": "32924",
"refsource": "OSVDB",
"url": "http://osvdb.org/32924"
},
{
"name": "VU#145825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/145825"
},
{
"name": "ADV-2007-0237",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0237"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/MIMG-6TUHTT"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2006-6489",
"datePublished": "2007-01-18T02:00:00",
"dateReserved": "2006-12-12T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4812 (GCVE-0-2005-4812)
Vulnerability from nvd – Published: 2006-09-23 10:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22047"
},
{
"name": "20130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20130"
},
{
"name": "ADV-2006-3733",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3733"
},
{
"name": "VU#468798",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/468798"
},
{
"name": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf",
"refsource": "CONFIRM",
"url": "http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf"
},
{
"name": "sisco-osi-dos(29072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29072"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4812",
"datePublished": "2006-09-23T10:00:00",
"dateReserved": "2006-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}