cvelistv5 - cve-2008-2057

cve-2008-2057

Vulnerability from cvelistv5

Published

2008-06-04 21:00

Modified

2024-08-07 08:49

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/30552
ykramarz@cisco.com	http://securitytracker.com/id?1020180
ykramarz@cisco.com	http://securitytracker.com/id?1020181
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
ykramarz@cisco.com	http://www.vupen.com/english/advisories/2008/1750/references
ykramarz@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/42837
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30552
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020180
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020181
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1750/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42837

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:49:56.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1020180",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020180"
          },
          {
            "name": "1020181",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020181"
          },
          {
            "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
          },
          {
            "name": "30552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30552"
          },
          {
            "name": "cisco-asa-pix-im-dos(42837)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
          },
          {
            "name": "ADV-2008-1750",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1750/references"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1020180",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020180"
        },
        {
          "name": "1020181",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020181"
        },
        {
          "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
        },
        {
          "name": "30552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30552"
        },
        {
          "name": "cisco-asa-pix-im-dos(42837)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
        },
        {
          "name": "ADV-2008-1750",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1750/references"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2057",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1020180",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020180"
            },
            {
              "name": "1020181",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020181"
            },
            {
              "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
            },
            {
              "name": "30552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30552"
            },
            {
              "name": "cisco-asa-pix-im-dos(42837)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
            },
            {
              "name": "ADV-2008-1750",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1750/references"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2008-2057",
    "datePublished": "2008-06-04T21:00:00",
    "dateReserved": "2008-05-02T00:00:00",
    "dateUpdated": "2024-08-07T08:49:56.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACF15BCE-C6B3-47CB-B716-51B95398A253\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F8681FC-05B5-4AE3-A9CF-51879254404E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95627941-30D8-452F-B6C8-76D2BEE93514\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.\"}, {\"lang\": \"es\", \"value\": \"Motor de inspecci\\u00f3n  Instant Messenger  en  Cisco Adaptive Security Appliance ASA) y Cisco PIX security appliance 7.2.x anterior 7.2(4), 8.0.x anterior a 8.0(3)10, y 8.1.x anterior a 8.1(1)2, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio a trasv\\u00e9s de un paquete manipulado.\"}]",
      "id": "CVE-2008-2057",
      "lastModified": "2024-11-21T00:45:59.200",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:N/I:N/A:C\", \"baseScore\": 5.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2008-06-04T21:32:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/30552\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://securitytracker.com/id?1020180\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://securitytracker.com/id?1020181\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1750/references\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42837\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/30552\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1020180\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1020181\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1750/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42837\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2057\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2008-06-04T21:32:00.000\",\"lastModified\":\"2024-11-21T00:45:59.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.\"},{\"lang\":\"es\",\"value\":\"Motor de inspecci\u00f3n  Instant Messenger  en  Cisco Adaptive Security Appliance ASA) y Cisco PIX security appliance 7.2.x anterior 7.2(4), 8.0.x anterior a 8.0(3)10, y 8.1.x anterior a 8.1(1)2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trasv\u00e9s de un paquete manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:N/I:N/A:C\",\"baseScore\":5.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACF15BCE-C6B3-47CB-B716-51B95398A253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8681FC-05B5-4AE3-A9CF-51879254404E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95627941-30D8-452F-B6C8-76D2BEE93514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/30552\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://securitytracker.com/id?1020180\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://securitytracker.com/id?1020181\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1750/references\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42837\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://secunia.com/advisories/30552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1020180\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1020181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1750/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-gx6q-7vqv-xvp8

Vulnerability from github

Published

2022-05-01 23:46

Modified

2022-05-01 23:46

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2057"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-06-04T21:32:00Z",
    "severity": "MODERATE"
  },
  "details": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.",
  "id": "GHSA-gx6q-7vqv-xvp8",
  "modified": "2022-05-01T23:46:13Z",
  "published": "2022-05-01T23:46:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2057"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020180"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020181"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Cisco ASA and Cisco PIX IM inspection engines are used to apply fine-grained control over IM usage in the network.

1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device.

This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x.

2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device.

This vulnerability affects software version 8.0.x and 8.1.x.

3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS.

Successful exploitation requires that Instant Messaging Inspection is enabled.

This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x.

4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443.

This vulnerability affects software versions 7.2.x and 8.0.x.

5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs.

This vulnerability affects software versions 8.0.x.

NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information).

SOLUTION: Update to fixed versions (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200806-0197",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2.2"
      },
      {
        "model": "pix security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "pix security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(3)006"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.4.3"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.4"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.5)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(4)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.15)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(1)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.1.4"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.27)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.17)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.16)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(2)17"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.24)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1(1)1"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.14)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(1.22)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)10"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)9"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(3)2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.7)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.8)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.(2.49)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1(1)2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.19)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.55)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.10)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.(2.48)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2)70"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-2057",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 5.4,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2008-2057",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "VHN-32182",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-2057",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200806-071",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-32182",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. \nAn attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Cisco ASA and Cisco PIX IM inspection engines are used to apply fine-grained control over IM usage in the network. \n\n1) An unspecified error in the processing of TCP ACK packets can be\nexploited to cause a DoS by sending a specially crafted packet to an\naffected device. \n\nThis vulnerability affects software versions 7.1.x, 7.2.x, and\n8.0.x. \n\n2) An unspecified error in the handling of the TLS protocol can be\nexploited to cause an affected device to reload by sending a\nspecially crafted TLS packet to an affected device. \n\nThis vulnerability affects software version 8.0.x and 8.1.x. \n\n3) An unspecified error in the Instant Messaging Inspection can be\nexploited to cause a DoS. \n\nSuccessful exploitation requires that Instant Messaging Inspection is\nenabled. \n\nThis vulnerability affects software versions 7.2.x, 8.0.x, and\n8.1.x. \n\n4) An unspecified error can be exploited to cause an affected system\nto reload via specially crafted network traffic (e.g. by certain\nvulnerability / port scanners) to TCP port 443. \n\nThis vulnerability affects software versions 7.2.x and 8.0.x. \n\n5) An unspecified error causes the control-plane access control lists\n(ACL) to not work properly, which can be exploited to bypass\nconfigured control-plane ACLs. \n\nThis vulnerability affects software versions 8.0.x. \n\nNOTE: Depending on the configuration some of the vulnerabilities are\nexploitable via the outside interface (please see the vendor\u0027s\nadvisory for more information). \n\nSOLUTION:\nUpdate to fixed versions (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-2057",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "30552",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1020181",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1020180",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-1750",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "42837",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423",
        "trust": 0.8
      },
      {
        "db": "CISCO",
        "id": "20080604 MULTIPLE VULNERABILITIES IN CISCO PIX AND CISCO ASA",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "29541",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-32182",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "67053",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "id": "VAR-200806-0197",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:39:30.808000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20080604-asa",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809a8354.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/30552"
      },
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809a8354.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1020180"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1020181"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/42837"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/1750/references"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2057"
      },
      {
        "trust": 0.8,
        "url": "http://www.frsirt.com/english/advisories/2008/1750"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2057"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1020181"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1020180"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/1750/references"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809a8359.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/493078"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16163/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6102/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30552/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16164/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6115/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-06-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "BID",
        "id": "29541"
      },
      {
        "date": "2008-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "date": "2008-06-06T22:51:33",
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "date": "2008-06-04T21:32:00",
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32182"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "BID",
        "id": "29541"
      },
      {
        "date": "2008-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      },
      {
        "date": "2023-08-11T19:03:30.373000",
        "db": "NVD",
        "id": "CVE-2008-2057"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco PIX/ASA of  Instant Messenger (IM) Service disruption in the audit engine  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001423"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-071"
      }
    ],
    "trust": 0.6
  }
}

cve-2008-2057

Vulnerability from fkie_nvd

Published

2008-06-04 21:32

Modified

2024-11-21 00:45

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/30552
ykramarz@cisco.com	http://securitytracker.com/id?1020180
ykramarz@cisco.com	http://securitytracker.com/id?1020181
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
ykramarz@cisco.com	http://www.vupen.com/english/advisories/2008/1750/references
ykramarz@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/42837
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30552
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020180
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020181
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1750/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42837

Impacted products

Vendor	Product	Version
cisco	pix_security_appliance	7.2
cisco	pix_security_appliance	8.0
cisco	adaptive_security_appliance_software	7.2.2
cisco	adaptive_security_appliance_software	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACF15BCE-C6B3-47CB-B716-51B95398A253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8681FC-05B5-4AE3-A9CF-51879254404E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Motor de inspecci\u00f3n  Instant Messenger  en  Cisco Adaptive Security Appliance ASA) y Cisco PIX security appliance 7.2.x anterior 7.2(4), 8.0.x anterior a 8.0(3)10, y 8.1.x anterior a 8.1(1)2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trasv\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2008-2057",
  "lastModified": "2024-11-21T00:45:59.200",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-06-04T21:32:00.000",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1020180"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1020181"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020181"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2008-2057

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-2057

Aliases

CVE-2008-2057

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2057",
    "description": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.",
    "id": "GSD-2008-2057"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2057"
      ],
      "details": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.",
      "id": "GSD-2008-2057",
      "modified": "2023-12-13T01:23:00.951557Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2008-2057",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1020180",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020180"
          },
          {
            "name": "1020181",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020181"
          },
          {
            "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
          },
          {
            "name": "30552",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30552"
          },
          {
            "name": "cisco-asa-pix-im-dos(42837)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
          },
          {
            "name": "ADV-2008-1750",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1750/references"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2057"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
            },
            {
              "name": "1020180",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020180"
            },
            {
              "name": "1020181",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020181"
            },
            {
              "name": "30552",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30552"
            },
            {
              "name": "ADV-2008-1750",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1750/references"
            },
            {
              "name": "cisco-asa-pix-im-dos(42837)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42837"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2023-08-11T19:03Z",
      "publishedDate": "2008-06-04T21:32Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-2057

Vulnerability from cvelistv5

ghsa-gx6q-7vqv-xvp8

Vulnerability from github

var-200806-0197

Vulnerability from variot

cve-2008-2057

Vulnerability from fkie_nvd

gsd-2008-2057

Vulnerability from gsd

Tags

Sightings

Nomenclature