cvelistv5 - cve-2008-2058

cve-2008-2058

Vulnerability from cvelistv5

Published

2008-06-04 21:00

Modified

2024-08-07 08:49

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/30552
ykramarz@cisco.com	http://securitytracker.com/id?1020182
ykramarz@cisco.com	http://securitytracker.com/id?1020183
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
ykramarz@cisco.com	http://www.vupen.com/english/advisories/2008/1750/references
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30552
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020182
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020183
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1750/references

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:49:57.403Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1020183",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020183"
          },
          {
            "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
          },
          {
            "name": "30552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30552"
          },
          {
            "name": "1020182",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020182"
          },
          {
            "name": "ADV-2008-1750",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1750/references"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-06-12T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1020183",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020183"
        },
        {
          "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
        },
        {
          "name": "30552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30552"
        },
        {
          "name": "1020182",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020182"
        },
        {
          "name": "ADV-2008-1750",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1750/references"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2058",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1020183",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020183"
            },
            {
              "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
            },
            {
              "name": "30552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30552"
            },
            {
              "name": "1020182",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020182"
            },
            {
              "name": "ADV-2008-1750",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1750/references"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2008-2058",
    "datePublished": "2008-06-04T21:00:00",
    "dateReserved": "2008-05-02T00:00:00",
    "dateUpdated": "2024-08-07T08:49:57.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACF15BCE-C6B3-47CB-B716-51B95398A253\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F8681FC-05B5-4AE3-A9CF-51879254404E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95627941-30D8-452F-B6C8-76D2BEE93514\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.\"}, {\"lang\": \"es\", \"value\": \"Cisco Adaptive Security Appliance (ASA) y Cisco PIX security appliance 7.2.x anterior a 7.2(3)2 y v8.0.x  anterior a 8.0(2)17, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (reinicio de dispositivo) mediante un escaneo de puerto hacia el 443.\"}]",
      "id": "CVE-2008-2058",
      "lastModified": "2024-11-21T00:45:59.307",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-06-04T21:32:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/30552\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://securitytracker.com/id?1020182\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://securitytracker.com/id?1020183\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1750/references\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/30552\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1020182\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1020183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1750/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2058\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2008-06-04T21:32:00.000\",\"lastModified\":\"2024-11-21T00:45:59.307\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.\"},{\"lang\":\"es\",\"value\":\"Cisco Adaptive Security Appliance (ASA) y Cisco PIX security appliance 7.2.x anterior a 7.2(3)2 y v8.0.x  anterior a 8.0(2)17, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) mediante un escaneo de puerto hacia el 443.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACF15BCE-C6B3-47CB-B716-51B95398A253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8681FC-05B5-4AE3-A9CF-51879254404E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95627941-30D8-452F-B6C8-76D2BEE93514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/30552\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://securitytracker.com/id?1020182\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://securitytracker.com/id?1020183\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1750/references\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://secunia.com/advisories/30552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1020182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1020183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1750/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. interferes with service operation (DoS) There is a possibility of being put into a state. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Certain vulnerability/port scanners can cause system overloads.

1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device.

This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x.

2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device.

This vulnerability affects software version 8.0.x and 8.1.x.

3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS.

Successful exploitation requires that Instant Messaging Inspection is enabled.

This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x.

4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443.

This vulnerability affects software versions 7.2.x and 8.0.x.

5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs.

This vulnerability affects software versions 8.0.x.

NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information).

SOLUTION: Update to fixed versions (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200806-0198",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2.2"
      },
      {
        "model": "pix security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "pix security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "adaptive security appliance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(3)006"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.4.3"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.4"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.5)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(4)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.15)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(1)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.0.1.4"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.27)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.17)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.16)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(2)17"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.24)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1(1)1"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.14)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(1.22)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)10"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)9"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(3)2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.7)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.8)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0(3)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.(2.49)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1(1)2"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2.(2.19)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2.55)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.2(2.10)"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.(2.48)"
      },
      {
        "model": "pix/asa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1(2)70"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-2058",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2008-2058",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-32183",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-2058",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200806-072",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-32183",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. interferes with service operation (DoS) There is a possibility of being put into a state. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. \nAn attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Certain vulnerability/port scanners can cause system overloads. \n\n1) An unspecified error in the processing of TCP ACK packets can be\nexploited to cause a DoS by sending a specially crafted packet to an\naffected device. \n\nThis vulnerability affects software versions 7.1.x, 7.2.x, and\n8.0.x. \n\n2) An unspecified error in the handling of the TLS protocol can be\nexploited to cause an affected device to reload by sending a\nspecially crafted TLS packet to an affected device. \n\nThis vulnerability affects software version 8.0.x and 8.1.x. \n\n3) An unspecified error in the Instant Messaging Inspection can be\nexploited to cause a DoS. \n\nSuccessful exploitation requires that Instant Messaging Inspection is\nenabled. \n\nThis vulnerability affects software versions 7.2.x, 8.0.x, and\n8.1.x. \n\n4) An unspecified error can be exploited to cause an affected system\nto reload via specially crafted network traffic (e.g. by certain\nvulnerability / port scanners) to TCP port 443. \n\nThis vulnerability affects software versions 7.2.x and 8.0.x. \n\n5) An unspecified error causes the control-plane access control lists\n(ACL) to not work properly, which can be exploited to bypass\nconfigured control-plane ACLs. \n\nThis vulnerability affects software versions 8.0.x. \n\nNOTE: Depending on the configuration some of the vulnerabilities are\nexploitable via the outside interface (please see the vendor\u0027s\nadvisory for more information). \n\nSOLUTION:\nUpdate to fixed versions (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-2058",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "30552",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1020182",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1020183",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-1750",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424",
        "trust": 0.8
      },
      {
        "db": "CISCO",
        "id": "20080604 MULTIPLE VULNERABILITIES IN CISCO PIX AND CISCO ASA",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "29541",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-32183",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "67053",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "id": "VAR-200806-0198",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:39:30.842000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20080604-asa",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809a8354.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/30552"
      },
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809a8354.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1020182"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1020183"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/1750/references"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2058"
      },
      {
        "trust": 0.8,
        "url": "http://www.frsirt.com/english/advisories/2008/1750"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2058"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1020183"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1020182"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/1750/references"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809a8359.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/493078"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16163/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6102/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/30552/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16164/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6115/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "db": "BID",
        "id": "29541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-06-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "BID",
        "id": "29541"
      },
      {
        "date": "2008-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "date": "2008-06-06T22:51:33",
        "db": "PACKETSTORM",
        "id": "67053"
      },
      {
        "date": "2008-06-04T21:32:00",
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-32183"
      },
      {
        "date": "2008-06-04T00:00:00",
        "db": "BID",
        "id": "29541"
      },
      {
        "date": "2008-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      },
      {
        "date": "2023-08-11T19:03:30.373000",
        "db": "NVD",
        "id": "CVE-2008-2058"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco PIX/ASA Service disruption in the processing of port scans  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001424"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200806-072"
      }
    ],
    "trust": 0.6
  }
}

ghsa-fhcc-r3cj-8cwc

Vulnerability from github

Published

2022-05-01 23:46

Modified

2022-05-01 23:46

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2058"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-06-04T21:32:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.",
  "id": "GHSA-fhcc-r3cj-8cwc",
  "modified": "2022-05-01T23:46:13Z",
  "published": "2022-05-01T23:46:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2058"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020182"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020183"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2008-2058

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-2058

Aliases

CVE-2008-2058

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2058",
    "description": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.",
    "id": "GSD-2008-2058"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2058"
      ],
      "details": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.",
      "id": "GSD-2008-2058",
      "modified": "2023-12-13T01:23:00.974599Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2008-2058",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1020183",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020183"
          },
          {
            "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
          },
          {
            "name": "30552",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30552"
          },
          {
            "name": "1020182",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020182"
          },
          {
            "name": "ADV-2008-1750",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1750/references"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2058"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
            },
            {
              "name": "1020182",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020182"
            },
            {
              "name": "1020183",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020183"
            },
            {
              "name": "30552",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30552"
            },
            {
              "name": "ADV-2008-1750",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1750/references"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-08-11T19:03Z",
      "publishedDate": "2008-06-04T21:32Z"
    }
  }
}

cve-2008-2058

Vulnerability from fkie_nvd

Published

2008-06-04 21:32

Modified

2024-11-21 00:45

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/30552
ykramarz@cisco.com	http://securitytracker.com/id?1020182
ykramarz@cisco.com	http://securitytracker.com/id?1020183
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
ykramarz@cisco.com	http://www.vupen.com/english/advisories/2008/1750/references
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30552
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020182
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020183
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1750/references

Impacted products

Vendor	Product	Version
cisco	pix_security_appliance	7.2
cisco	pix_security_appliance	8.0
cisco	adaptive_security_appliance_software	7.2.2
cisco	adaptive_security_appliance_software	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix_security_appliance:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACF15BCE-C6B3-47CB-B716-51B95398A253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8681FC-05B5-4AE3-A9CF-51879254404E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliance (ASA) y Cisco PIX security appliance 7.2.x anterior a 7.2(3)2 y v8.0.x  anterior a 8.0(2)17, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) mediante un escaneo de puerto hacia el 443."
    }
  ],
  "id": "CVE-2008-2058",
  "lastModified": "2024-11-21T00:45:59.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-06-04T21:32:00.000",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1020182"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1020183"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1750/references"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-2058

Vulnerability from cvelistv5

var-200806-0198

Vulnerability from variot

ghsa-fhcc-r3cj-8cwc

Vulnerability from github

gsd-2008-2058

Vulnerability from gsd

cve-2008-2058

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature