cvelistv5 - cve-2007-1257

cve-2007-1257

Vulnerability from cvelistv5

Published

2007-03-03 20:00

Modified

2024-08-07 12:50

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/33066
cve@mitre.org	http://secunia.com/advisories/24344	Vendor Advisory
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/472412	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/22751
cve@mitre.org	http://www.securitytracker.com/id?1017710
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0783
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/33066
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24344	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/472412	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22751
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017710
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0783
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:50:35.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070228 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
          },
          {
            "name": "VU#472412",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/472412"
          },
          {
            "name": "ADV-2007-0783",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0783"
          },
          {
            "name": "24344",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24344"
          },
          {
            "name": "22751",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22751"
          },
          {
            "name": "33066",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/33066"
          },
          {
            "name": "oval:org.mitre.oval:def:5188",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
          },
          {
            "name": "cisco-catalyst-nam-unauthorized-access(32750)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
          },
          {
            "name": "1017710",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017710"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070228 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
        },
        {
          "name": "VU#472412",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/472412"
        },
        {
          "name": "ADV-2007-0783",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0783"
        },
        {
          "name": "24344",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24344"
        },
        {
          "name": "22751",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22751"
        },
        {
          "name": "33066",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/33066"
        },
        {
          "name": "oval:org.mitre.oval:def:5188",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
        },
        {
          "name": "cisco-catalyst-nam-unauthorized-access(32750)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
        },
        {
          "name": "1017710",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017710"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1257",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070228 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
            },
            {
              "name": "VU#472412",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/472412"
            },
            {
              "name": "ADV-2007-0783",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0783"
            },
            {
              "name": "24344",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24344"
            },
            {
              "name": "22751",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22751"
            },
            {
              "name": "33066",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/33066"
            },
            {
              "name": "oval:org.mitre.oval:def:5188",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
            },
            {
              "name": "cisco-catalyst-nam-unauthorized-access(32750)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
            },
            {
              "name": "1017710",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017710"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1257",
    "datePublished": "2007-03-03T20:00:00",
    "dateReserved": "2007-03-03T00:00:00",
    "dateUpdated": "2024-08-07T12:50:35.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD82BCCE-F68A-48A5-B484-98D9C3024E3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A2AF1C7-23EB-4C13-AC71-4FA7E78E8ED7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2C1E3F7-D48E-4AF1-8205-33EB71E09E09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2DF345D-AD8A-4DE6-8136-6EF7B011E4B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC58B690-8D30-4A04-82AA-A827F87DEE02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41491D13-A3F9-464A-A84B-A58320838CBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD4D3F34-A1B3-4469-BF21-666FDAE9198B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B64454B8-75A5-4A63-A4DC-ECA17CFBCD7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A1FA93-21B3-4CD4-8A62-C66D82CFB2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32583745-9640-4032-B1E1-598ABB4E89A0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address.\"}, {\"lang\": \"es\", \"value\": \"El M\\u00f3dulo Network Analysis (NAM) del Cisco Catalyst Series 6000, 6500 y 7600 permite a atacantes remotos ejecutar comandos de su elecci\\u00f3n mediante ciertos paquetes SNMP que son simulados desde la propia direcci\\u00f3n IP del NAM.\"}]",
      "evaluatorComment": "Per: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml#@ID\r\n\r\n\"Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). \"",
      "id": "CVE-2007-1257",
      "lastModified": "2024-11-21T00:27:53.570",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-03-03T20:19:00.000",
      "references": "[{\"url\": \"http://osvdb.org/33066\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/24344\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/472412\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/22751\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1017710\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0783\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/32750\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/33066\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/24344\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/472412\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/22751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1017710\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0783\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/32750\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-1257\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-03-03T20:19:00.000\",\"lastModified\":\"2024-11-21T00:27:53.570\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address.\"},{\"lang\":\"es\",\"value\":\"El M\u00f3dulo Network Analysis (NAM) del Cisco Catalyst Series 6000, 6500 y 7600 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante ciertos paquetes SNMP que son simulados desde la propia direcci\u00f3n IP del NAM.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD82BCCE-F68A-48A5-B484-98D9C3024E3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2AF1C7-23EB-4C13-AC71-4FA7E78E8ED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2C1E3F7-D48E-4AF1-8205-33EB71E09E09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2DF345D-AD8A-4DE6-8136-6EF7B011E4B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC58B690-8D30-4A04-82AA-A827F87DEE02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41491D13-A3F9-464A-A84B-A58320838CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD4D3F34-A1B3-4469-BF21-666FDAE9198B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64454B8-75A5-4A63-A4DC-ECA17CFBCD7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A1FA93-21B3-4CD4-8A62-C66D82CFB2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\\\(1a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32583745-9640-4032-B1E1-598ABB4E89A0\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/33066\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/24344\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/472412\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/22751\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1017710\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0783\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/32750\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/33066\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/24344\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/472412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/22751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1017710\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/32750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml#@ID\\r\\n\\r\\n\\\"Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). \\\"\"}}"
  }
}

ghsa-m2j7-6q7v-wmpq

Vulnerability from github

Published

2022-05-01 17:51

Modified

2022-05-01 17:51

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-1257"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-03-03T20:19:00Z",
    "severity": "HIGH"
  },
  "details": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address.",
  "id": "GHSA-m2j7-6q7v-wmpq",
  "modified": "2022-05-01T17:51:44Z",
  "published": "2022-05-01T17:51:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1257"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/33066"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24344"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/472412"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/22751"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1017710"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0783"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2007-1257

Vulnerability from fkie_nvd

Published

2007-03-03 20:19

Modified

2024-11-21 00:27

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/33066
cve@mitre.org	http://secunia.com/advisories/24344	Vendor Advisory
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/472412	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/22751
cve@mitre.org	http://www.securitytracker.com/id?1017710
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0783
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/33066
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24344	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/472412	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22751
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017710
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0783
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188

Impacted products

Vendor	Product	Version
cisco	network_analysis_module	*
cisco	catalyst_6000_ws-svc-nam-1	2.2\(1a\)
cisco	catalyst_6000_ws-svc-nam-2	2.2\(1a\)
cisco	catalyst_6000_ws-x6380-nam	3.1\(1a\)
cisco	catalyst_6500_ws-svc-nam-1	2.2\(1a\)
cisco	catalyst_6500_ws-svc-nam-2	2.2\(1a\)
cisco	catalyst_6500_ws-x6380-nam	3.1\(1a\)
cisco	catalyst_7600_ws-svc-nam-1	2.2\(1a\)
cisco	catalyst_7600_ws-svc-nam-2	2.2\(1a\)
cisco	catalyst_7600_ws-x6380-nam	3.1\(1a\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD82BCCE-F68A-48A5-B484-98D9C3024E3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2AF1C7-23EB-4C13-AC71-4FA7E78E8ED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A2C1E3F7-D48E-4AF1-8205-33EB71E09E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2DF345D-AD8A-4DE6-8136-6EF7B011E4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EC58B690-8D30-4A04-82AA-A827F87DEE02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "41491D13-A3F9-464A-A84B-A58320838CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD4D3F34-A1B3-4469-BF21-666FDAE9198B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B64454B8-75A5-4A63-A4DC-ECA17CFBCD7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "19A1FA93-21B3-4CD4-8A62-C66D82CFB2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "32583745-9640-4032-B1E1-598ABB4E89A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address."
    },
    {
      "lang": "es",
      "value": "El M\u00f3dulo Network Analysis (NAM) del Cisco Catalyst Series 6000, 6500 y 7600 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante ciertos paquetes SNMP que son simulados desde la propia direcci\u00f3n IP del NAM."
    }
  ],
  "evaluatorComment": "Per: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml#@ID\r\n\r\n\"Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). \"",
  "id": "CVE-2007-1257",
  "lastModified": "2024-11-21T00:27:53.570",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-03-03T20:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/33066"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24344"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/472412"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22751"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017710"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0783"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/33066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24344"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/472412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address. According to Cisco Systems information NAM Model number WS-SVC-NAM-1, WS-SVC-NAM-2, WS-X6380-NAM Will be affected. For details, check the information provided by the vendor.Crafted by a third party SNMP Arbitrary commands may be executed due to packet processing. According to Cisco Systems information, the device may be completely controlled. An attacker can leverage this issue to gain complete control of the affected device. NAM uses the Simple Network Management Protocol (SNMP) to communicate with the Catalyst system.

Want a new job? http://secunia.com/secunia_vacancies/

Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/

TITLE: Cisco Products NAM SNMP Spoofing Vulnerability

SECUNIA ADVISORY ID: SA24344

VERIFY ADVISORY: http://secunia.com/advisories/24344/

CRITICAL: Moderately critical

IMPACT: System access

WHERE:

From local network

OPERATING SYSTEM: Cisco IOS R12.x http://secunia.com/product/50/ Cisco IOS 12.x http://secunia.com/product/182/ Cisco CATOS 8.x http://secunia.com/product/3564/ Cisco CATOS 7.x http://secunia.com/product/185/

SOFTWARE: Cisco Catalyst 6500 Series Network Analysis Module (NAM-1/NAM-2) http://secunia.com/product/2272/ Cisco Catalyst 6500 Series Network Analysis Module (First Generation) http://secunia.com/product/2271/

DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.

SOLUTION: Update to a fixed version (see vendor advisory for details). http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200703-0084",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "catalyst 6500 ws-svc-nam-2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "catalyst 6500 ws-svc-nam-1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "catalyst 6000 ws-svc-nam-1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "catalyst 6000 ws-svc-nam-2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "catalyst 6000 ws-x6380-nam",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1a\\)"
      },
      {
        "model": "catalyst 7600 ws-x6380-nam",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1a\\)"
      },
      {
        "model": "catalyst 7600 ws-svc-nam-1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "catalyst 6500 ws-x6380-nam",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1a\\)"
      },
      {
        "model": "catalyst 7600 ws-svc-nam-2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2\\(1a\\)"
      },
      {
        "model": "network analysis module",
        "scope": null,
        "trust": 1.4,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "network analysis module",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "7600 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 6000 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 6500 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 ex",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2za",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sy",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sxf",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sxe",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sxd",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sxb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sxa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sx",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sgb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sga",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2sg",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2ixb",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2ixa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2ewa",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2ew",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2eu",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios zu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "ios 12.1ex",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1e",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(5)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(4)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(3)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(2)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(1)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(19)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(18)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(17)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(16)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(15)"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6500"
      },
      {
        "model": "catalyst",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "60000"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7600"
      },
      {
        "model": "ios 12.2 sra2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sga1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sg1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 zu1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sxf5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sxe6a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sxd7a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ixb2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.1 e8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(6)"
      },
      {
        "model": "catos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5(5.3)"
      },
      {
        "model": "catos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(20)"
      },
      {
        "model": "catos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6(19.2)"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "BID",
        "id": "22751"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-1257",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2007-1257",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-24619",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-1257",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#472412",
            "trust": 0.8,
            "value": "9.37"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200703-133",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-24619",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address. According to Cisco Systems information NAM Model number WS-SVC-NAM-1, WS-SVC-NAM-2, WS-X6380-NAM Will be affected. For details, check the information provided by the vendor.Crafted by a third party SNMP Arbitrary commands may be executed due to packet processing. According to Cisco Systems information, the device may be completely controlled. \nAn attacker can leverage this issue to gain complete control of the affected device. NAM uses the Simple Network Management Protocol (SNMP) to communicate with the Catalyst system. \n\n----------------------------------------------------------------------\n\nWant a new job?\nhttp://secunia.com/secunia_vacancies/\n\nSecunia is looking for new researchers with a reversing background\nand experience in writing exploit code:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\nhttp://secunia.com/Disassembling_og_Reversing/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Products NAM SNMP Spoofing Vulnerability\n\nSECUNIA ADVISORY ID:\nSA24344\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24344/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nCisco IOS R12.x\nhttp://secunia.com/product/50/\nCisco IOS 12.x\nhttp://secunia.com/product/182/\nCisco CATOS 8.x\nhttp://secunia.com/product/3564/\nCisco CATOS 7.x\nhttp://secunia.com/product/185/\n\nSOFTWARE:\nCisco Catalyst 6500 Series Network Analysis Module (NAM-1/NAM-2)\nhttp://secunia.com/product/2272/\nCisco Catalyst 6500 Series Network Analysis Module (First Generation)\nhttp://secunia.com/product/2271/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to compromise a vulnerable\nsystem. \n\nSOLUTION:\nUpdate to a fixed version (see vendor advisory for details). \nhttp://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "BID",
        "id": "22751"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "PACKETSTORM",
        "id": "54746"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#472412",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "22751",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "24344",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1017710",
        "trust": 2.5
      },
      {
        "db": "OSVDB",
        "id": "33066",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-0783",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "32750",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20070228 CISCO CATALYST 6000, 6500 SERIES AND CISCO 7600 SERIES NAM (NETWORK ANALYSIS MODULE) VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:5188",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "54746",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "BID",
        "id": "22751"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "PACKETSTORM",
        "id": "54746"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "id": "VAR-200703-0084",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      }
    ],
    "trust": 0.4056849
  },
  "last_update_date": "2023-12-18T12:39:53.932000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20070228-nam",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
      },
      {
        "trust": 2.8,
        "url": "http://www.kb.cert.org/vuls/id/472412"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/22751"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/33066"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1017710"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/24344"
      },
      {
        "trust": 1.1,
        "url": "http://www.cisco.com/en/us/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080394e09.html"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5188"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/0783"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/24344/"
      },
      {
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-air-20070228-nam.shtml"
      },
      {
        "trust": 0.8,
        "url": "http://securitytracker.com/alerts/2007/feb/1017710.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1257"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1257"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/32750"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/0783"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5188"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/50/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3564/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/disassembling_og_reversing/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2271/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_vacancies/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2272/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/182/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/185/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "BID",
        "id": "22751"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "PACKETSTORM",
        "id": "54746"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "db": "BID",
        "id": "22751"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "db": "PACKETSTORM",
        "id": "54746"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-03-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "date": "2007-03-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "date": "2007-02-28T00:00:00",
        "db": "BID",
        "id": "22751"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "date": "2007-03-05T23:12:53",
        "db": "PACKETSTORM",
        "id": "54746"
      },
      {
        "date": "2007-03-03T20:19:00",
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "date": "2007-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-03-22T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472412"
      },
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24619"
      },
      {
        "date": "2015-05-12T19:34:00",
        "db": "BID",
        "id": "22751"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000183"
      },
      {
        "date": "2017-10-11T01:31:48.097000",
        "db": "NVD",
        "id": "CVE-2007-1257"
      },
      {
        "date": "2009-03-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472412"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200703-133"
      }
    ],
    "trust": 0.6
  }
}

gsd-2007-1257

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-1257

Aliases

CVE-2007-1257

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-1257",
    "description": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address.",
    "id": "GSD-2007-1257"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-1257"
      ],
      "details": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address.",
      "id": "GSD-2007-1257",
      "modified": "2023-12-13T01:21:40.100468Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-1257",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20070228 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
          },
          {
            "name": "VU#472412",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/472412"
          },
          {
            "name": "ADV-2007-0783",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/0783"
          },
          {
            "name": "24344",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24344"
          },
          {
            "name": "22751",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/22751"
          },
          {
            "name": "33066",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/33066"
          },
          {
            "name": "oval:org.mitre.oval:def:5188",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
          },
          {
            "name": "cisco-catalyst-nam-unauthorized-access(32750)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
          },
          {
            "name": "1017710",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1017710"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1257"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070228 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
            },
            {
              "name": "VU#472412",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/472412"
            },
            {
              "name": "22751",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/22751"
            },
            {
              "name": "1017710",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1017710"
            },
            {
              "name": "24344",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24344"
            },
            {
              "name": "33066",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/33066"
            },
            {
              "name": "ADV-2007-0783",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0783"
            },
            {
              "name": "cisco-catalyst-nam-unauthorized-access(32750)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
            },
            {
              "name": "oval:org.mitre.oval:def:5188",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-10-11T01:31Z",
      "publishedDate": "2007-03-03T20:19Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2007-1257

Vulnerability from cvelistv5

ghsa-m2j7-6q7v-wmpq

Vulnerability from github

cve-2007-1257

Vulnerability from fkie_nvd

var-200703-0084

Vulnerability from variot

gsd-2007-1257

Vulnerability from gsd

Tags

Sightings

Nomenclature