Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-090
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités sur les produits Cisco PIX, ASA et FWSM permettent de réaliser un déni de service à distance, de contourner la politique de sécurité ou d'élever ses privilèges.
Description
Plusieurs vulnérabilités affectent les produits Cisco précités :
- une erreur dans la méthode d'authentification LOCAL de PIX 6.x permet à un utilisateur authentifié malveillant disposant des privilèges minimaux (level 0) d'obtenir les privilèges maximaux (level 15) ;
- une erreur dans la gestion des listes de contrôle d'accès (ACL) par FWSM permet à un utilisateur malveillant de ne pas faire évaluer des règles de contrôle d'accès ou de les faire évaluer dans un ordre incorrect ;
- une erreur dans le traitement des packets SIP malformés provoque un rechargement du système ou un arrêt inopiné. Un utilisateur malveillant peut provoquer un déni de service à distance au moyen d'un paquet SIP conçu à cet effet ;
- une erreur dans l'inspection du trafic HTTP, quand cette inspection est activée, provoque le rechargement ou l'arrêt du système. Un utilisateur malveillant peut provoquer un déni de service à distance au moyen d'une communication HTTP conçue à cet effet ;
- une erreur dans l'inspection du trafic des protocoles basés sur TCP, quand cette inspection est activée, provoque le rechargement ou l'arrêt du système. Un utilisateur malveillant peut provoquer un déni de service à distance au moyen d'une communication basée sur TCP (HTTP, FTP...) conçue à cet effet ;
- Plusieurs erreurs affectant le traitement des requêtes HTTPS, SNMP et HTTP (URL longues) par FWSM 3.x provoquent le rechargement du système. Dans certaines conditions, un utilisateur malveillant peut provoquer un déni de service à distance au moyen de trafic conçu à cet effet.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco PIX 500 versions 6.x et 7.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco ASA 5500 versions 7.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firewall Service Module (FWSM) versions 2.x et 3.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent les produits Cisco pr\u00e9cit\u00e9s :\n\n- une erreur dans la m\u00e9thode d\u0027authentification LOCAL de PIX 6.x\n permet \u00e0 un utilisateur authentifi\u00e9 malveillant disposant des\n privil\u00e8ges minimaux (level 0) d\u0027obtenir les privil\u00e8ges maximaux\n (level 15) ;\n- une erreur dans la gestion des listes de contr\u00f4le d\u0027acc\u00e8s (ACL) par\n FWSM permet \u00e0 un utilisateur malveillant de ne pas faire \u00e9valuer des\n r\u00e8gles de contr\u00f4le d\u0027acc\u00e8s ou de les faire \u00e9valuer dans un ordre\n incorrect ;\n- une erreur dans le traitement des packets SIP malform\u00e9s provoque un\n rechargement du syst\u00e8me ou un arr\u00eat inopin\u00e9. Un utilisateur\n malveillant peut provoquer un d\u00e9ni de service \u00e0 distance au moyen\n d\u0027un paquet SIP con\u00e7u \u00e0 cet effet ;\n- une erreur dans l\u0027inspection du trafic HTTP, quand cette inspection\n est activ\u00e9e, provoque le rechargement ou l\u0027arr\u00eat du syst\u00e8me. Un\n utilisateur malveillant peut provoquer un d\u00e9ni de service \u00e0 distance\n au moyen d\u0027une communication HTTP con\u00e7ue \u00e0 cet effet ;\n- une erreur dans l\u0027inspection du trafic des protocoles bas\u00e9s sur TCP,\n quand cette inspection est activ\u00e9e, provoque le rechargement ou\n l\u0027arr\u00eat du syst\u00e8me. Un utilisateur malveillant peut provoquer un\n d\u00e9ni de service \u00e0 distance au moyen d\u0027une communication bas\u00e9e sur\n TCP (HTTP, FTP...) con\u00e7ue \u00e0 cet effet ;\n- Plusieurs erreurs affectant le traitement des requ\u00eates HTTPS, SNMP\n et HTTP (URL longues) par FWSM 3.x provoquent le rechargement du\n syst\u00e8me. Dans certaines conditions, un utilisateur malveillant peut\n provoquer un d\u00e9ni de service \u00e0 distance au moyen de trafic con\u00e7u \u00e0\n cet effet.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-0966",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0966"
},
{
"name": "CVE-2007-0963",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0963"
},
{
"name": "CVE-2007-0964",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0964"
},
{
"name": "CVE-2007-0960",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0960"
},
{
"name": "CVE-2007-0967",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0967"
},
{
"name": "CVE-2007-0962",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0962"
},
{
"name": "CVE-2007-0968",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0968"
},
{
"name": "CVE-2007-0961",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0961"
},
{
"name": "CVE-2007-0965",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0965"
},
{
"name": "CVE-2007-0959",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0959"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco ID 77853 du 14 f\u00e9vrier 2007 :",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco ID 72327 du 14 f\u00e9vrier 2007 :",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"reference": "CERTA-2007-AVI-090",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-02-16T00:00:00.000000"
},
{
"description": "correction des liens.",
"revision_date": "2007-02-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s sur les produits \u003cspan class=\"textit\"\u003eCisco\nPIX, ASA\u003c/span\u003e et \u003cspan class=\"textit\"\u003eFWSM\u003c/span\u003e permettent de\nr\u00e9aliser un d\u00e9ni de service \u00e0 distance, de contourner la politique de\ns\u00e9curit\u00e9 ou d\u0027\u00e9lever ses privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s de produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins Cisco du 14 f\u00e9vrier 2007",
"url": null
}
]
}
CVE-2007-0964 (GCVE-0-2007-0964)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0964",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0966 (GCVE-0-2007-0966)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-fwsm-http-dos(32497)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32497"
},
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-https-server-dos(32513)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32513"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-fwsm-http-dos(32497)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32497"
},
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-https-server-dos(32513)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32513"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-fwsm-http-dos(32497)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32497"
},
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-https-server-dos(32513)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32513"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0966",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0963 (GCVE-0-2007-0963)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the "debug" level, allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of a particular protocol such as TCP or UDP, which triggers the reboot during generation of Syslog message 710006.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the \"debug\" level, allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of a particular protocol such as TCP or UDP, which triggers the reboot during generation of Syslog message 710006."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the \"debug\" level, allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of a particular protocol such as TCP or UDP, which triggers the reboot during generation of Syslog message 710006."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0963",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0962 (GCVE-0-2007-0962)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24180"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-http-dos(32486)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32486"
},
{
"name": "33055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33055"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when \"inspect http\" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24180"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-http-dos(32486)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32486"
},
{
"name": "33055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33055"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when \"inspect http\" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0608",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24180"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "1017651",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-http-dos(32486)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32486"
},
{
"name": "33055",
"refsource": "OSVDB",
"url": "http://osvdb.org/33055"
},
{
"name": "22562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017652"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0962",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0965 (GCVE-0-2007-0965)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0965",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0967 (GCVE-0-2007-0967)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-snmp-dos(32515)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32515"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-snmp-dos(32515)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32515"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "cisco-fwsm-snmp-dos(32515)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32515"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0967",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0959 (GCVE-0-2007-0959)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "33062",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33062"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "cisco-pix-asa-tcp-dos(32488)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32488"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "33062",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33062"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "cisco-pix-asa-tcp-dos(32488)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32488"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0608",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "33062",
"refsource": "OSVDB",
"url": "http://osvdb.org/33062"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "cisco-pix-asa-tcp-dos(32488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32488"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "22562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017652"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0959",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0961 (GCVE-0-2007-0961)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24180"
},
{
"name": "33054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33054"
},
{
"name": "cisco-fwsm-sip-dos(32501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32501"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "VU#430969",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/430969"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "24179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-sip-dos(32487)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32487"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the \"inspect sip\" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24180"
},
{
"name": "33054",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33054"
},
{
"name": "cisco-fwsm-sip-dos(32501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32501"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "VU#430969",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/430969"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "24179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-sip-dos(32487)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32487"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017652"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the \"inspect sip\" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0608",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "24180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24180"
},
{
"name": "33054",
"refsource": "OSVDB",
"url": "http://osvdb.org/33054"
},
{
"name": "cisco-fwsm-sip-dos(32501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32501"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "VU#430969",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/430969"
},
{
"name": "1017651",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017651"
},
{
"name": "24179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-pix-asa-sip-dos(32487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32487"
},
{
"name": "22562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24160"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
},
{
"name": "1017652",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017652"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0961",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0960 (GCVE-0-2007-0960)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "24179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "33063",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33063"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017652"
},
{
"name": "cisco-pix-asa-local-privilege-escalation(32489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "24179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "33063",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33063"
},
{
"name": "22562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017652"
},
{
"name": "cisco-pix-asa-local-privilege-escalation(32489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0608",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0608"
},
{
"name": "1017651",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017651"
},
{
"name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
},
{
"name": "24179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24179"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "33063",
"refsource": "OSVDB",
"url": "http://osvdb.org/33063"
},
{
"name": "22562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22562"
},
{
"name": "24160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24160"
},
{
"name": "1017652",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017652"
},
{
"name": "cisco-pix-asa-local-privilege-escalation(32489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0960",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0968 (GCVE-0-2007-0968)
Vulnerability from cvelistv5 – Published: 2007-02-16 00:00 – Updated: 2024-08-07 12:34
VLAI?
EPSS
Summary
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-fwsm-acl-security-bypass(32521)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521"
},
{
"name": "1017650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017650"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0609",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-fwsm-acl-security-bypass(32521)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521"
},
{
"name": "1017650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017650"
},
{
"name": "24172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "cisco-fwsm-acl-security-bypass(32521)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521"
},
{
"name": "1017650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017650"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0968",
"datePublished": "2007-02-16T00:00:00",
"dateReserved": "2007-02-15T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…