cvelistv5 - cve-2009-4911

CVE-2009-4911 (GCVE-0-2009-4911)

Vulnerability from cvelistv5 – Published: 2010-06-29 18:00 – Updated: 2024-09-17 03:19

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

http://www.cisco.com/en/US/docs/security/asa/asa8…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:24:52.686Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-29T18:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4911",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4911",
    "datePublished": "2010-06-29T18:00:00Z",
    "dateReserved": "2010-06-29T00:00:00Z",
    "dateUpdated": "2024-09-17T03:19:09.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:asa_5580:8.1\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D314EDEE-4A4F-477D-94CF-C2A747755813\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad sin especificar en dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5580 con versi\\u00f3n de software anterior a v8.1(2), permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (fallo del dispositivo) a trav\\u00e9s de vectores que involucran transacciones SSL VPN y PPPoE, tambi\\u00e9n conocido como Bug ID CSCsm77958.\"}]",
      "id": "CVE-2009-4911",
      "lastModified": "2024-11-21T01:10:45.453",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-06-29T18:30:01.473",
      "references": "[{\"url\": \"http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-4911\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-06-29T18:30:01.473\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad sin especificar en dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5580 con versi\u00f3n de software anterior a v8.1(2), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo del dispositivo) a trav\u00e9s de vectores que involucran transacciones SSL VPN y PPPoE, tambi\u00e9n conocido como Bug ID CSCsm77958.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:asa_5580:8.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D314EDEE-4A4F-477D-94CF-C2A747755813\"}]}]}],\"references\":[{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

FKIE_CVE-2009-4911

Vulnerability from fkie_nvd - Published: 2010-06-29 18:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html	Patch
	af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html	Patch

Impacted products

	Vendor	Product	Version
	cisco	asa_5580	8.1\(1\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5580:8.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D314EDEE-4A4F-477D-94CF-C2A747755813",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5580 con versi\u00f3n de software anterior a v8.1(2), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo del dispositivo) a trav\u00e9s de vectores que involucran transacciones SSL VPN y PPPoE, tambi\u00e9n conocido como Bug ID CSCsm77958."
    }
  ],
  "id": "CVE-2009-4911",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-06-29T18:30:01.473",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2010-AVI-292

Vulnerability from certfr_avis - Published: - Updated:

De nombreuses vulnérabilités ont été trouvées dans Cisco ASA. Elles permettent de réaliser un déni de service à distance, de contourner la politique de sécurité ou de réaliser de l'injection de code indirecte.

Description

Plusieurs vulnérabilités sont présentes dans Cisco ASA. En particulier :

deux vulnérabilités permettent à une personne malveillante d'injecter du code dans les réponses HTTP émises par le serveur et ainsi de faire exécuter du code dans le navigateur Web de la victime ;
les gestions incorrectes des protocoles IPv6 et SSL permettent à un utilisateur malveillant de contourner la politique de sécurité ;
un problème de traitement des certificats X.509 permet à un utilisateur malveillant d'épuiser la mémoire de l'équipement ;
une vulnérabilité non précisée ainsi qu'un trafic SIP important permettent à un utilisateur malveillant distant de provoquer le redémarrage de l'équipement ;
DTLS, IPsec L2L, les VPN SSL et des paquets TCP malformés sont utilisables par un attaquant pour provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco ASA versions 8.1(1) et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Notes de version Cisco ASA version 8.1(2)

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco ASA versions 8.1(1) et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Cisco ASA. En particulier\u00a0:\n\n-   deux vuln\u00e9rabilit\u00e9s permettent \u00e0 une personne malveillante\n    d\u0027injecter du code dans les r\u00e9ponses HTTP \u00e9mises par le serveur et\n    ainsi de faire ex\u00e9cuter du code dans le navigateur Web de la\n    victime\u00a0;\n-   les gestions incorrectes des protocoles IPv6 et SSL permettent \u00e0 un\n    utilisateur malveillant de contourner la politique de s\u00e9curit\u00e9\u00a0;\n-   un probl\u00e8me de traitement des certificats X.509 permet \u00e0 un\n    utilisateur malveillant d\u0027\u00e9puiser la m\u00e9moire de l\u0027\u00e9quipement\u00a0;\n-   une vuln\u00e9rabilit\u00e9 non pr\u00e9cis\u00e9e ainsi qu\u0027un trafic SIP important\n    permettent \u00e0 un utilisateur malveillant distant de provoquer le\n    red\u00e9marrage de l\u0027\u00e9quipement\u00a0;\n-   DTLS, IPsec L2L, les VPN SSL et des paquets TCP malform\u00e9s sont\n    utilisables par un attaquant pour provoquer un d\u00e9ni de service \u00e0\n    distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4921"
    },
    {
      "name": "CVE-2009-4917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4917"
    },
    {
      "name": "CVE-2009-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4911"
    },
    {
      "name": "CVE-2009-4919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4919"
    },
    {
      "name": "CVE-2009-4912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4912"
    },
    {
      "name": "CVE-2009-4920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4920"
    },
    {
      "name": "CVE-2009-4916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4916"
    },
    {
      "name": "CVE-2009-4914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4914"
    },
    {
      "name": "CVE-2008-7257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-7257"
    },
    {
      "name": "CVE-2009-4918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4918"
    },
    {
      "name": "CVE-2009-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4923"
    },
    {
      "name": "CVE-2009-4915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4915"
    },
    {
      "name": "CVE-2009-4910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4910"
    },
    {
      "name": "CVE-2009-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4922"
    },
    {
      "name": "CVE-2009-4913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4913"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-292",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-28T00:00:00.000000"
    },
    {
      "description": "ajout de vuln\u00e9rabilit\u00e9s et de 14 r\u00e9f\u00e9rences CVE.",
      "revision_date": "2010-06-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 trouv\u00e9es dans Cisco ASA. Elles\npermettent de r\u00e9aliser un d\u00e9ni de service \u00e0 distance, de contourner la\npolitique de s\u00e9curit\u00e9 ou de r\u00e9aliser de l\u0027injection de code indirecte.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Cisco ASA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de version Cisco ASA version 8.1(2)",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    }
  ]
}

CERTA-2010-AVI-292

Vulnerability from certfr_avis - Published: - Updated:

Description

Plusieurs vulnérabilités sont présentes dans Cisco ASA. En particulier :

deux vulnérabilités permettent à une personne malveillante d'injecter du code dans les réponses HTTP émises par le serveur et ainsi de faire exécuter du code dans le navigateur Web de la victime ;
les gestions incorrectes des protocoles IPv6 et SSL permettent à un utilisateur malveillant de contourner la politique de sécurité ;
un problème de traitement des certificats X.509 permet à un utilisateur malveillant d'épuiser la mémoire de l'équipement ;
une vulnérabilité non précisée ainsi qu'un trafic SIP important permettent à un utilisateur malveillant distant de provoquer le redémarrage de l'équipement ;
DTLS, IPsec L2L, les VPN SSL et des paquets TCP malformés sont utilisables par un attaquant pour provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco ASA versions 8.1(1) et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Notes de version Cisco ASA version 8.1(2)

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco ASA versions 8.1(1) et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Cisco ASA. En particulier\u00a0:\n\n-   deux vuln\u00e9rabilit\u00e9s permettent \u00e0 une personne malveillante\n    d\u0027injecter du code dans les r\u00e9ponses HTTP \u00e9mises par le serveur et\n    ainsi de faire ex\u00e9cuter du code dans le navigateur Web de la\n    victime\u00a0;\n-   les gestions incorrectes des protocoles IPv6 et SSL permettent \u00e0 un\n    utilisateur malveillant de contourner la politique de s\u00e9curit\u00e9\u00a0;\n-   un probl\u00e8me de traitement des certificats X.509 permet \u00e0 un\n    utilisateur malveillant d\u0027\u00e9puiser la m\u00e9moire de l\u0027\u00e9quipement\u00a0;\n-   une vuln\u00e9rabilit\u00e9 non pr\u00e9cis\u00e9e ainsi qu\u0027un trafic SIP important\n    permettent \u00e0 un utilisateur malveillant distant de provoquer le\n    red\u00e9marrage de l\u0027\u00e9quipement\u00a0;\n-   DTLS, IPsec L2L, les VPN SSL et des paquets TCP malform\u00e9s sont\n    utilisables par un attaquant pour provoquer un d\u00e9ni de service \u00e0\n    distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4921"
    },
    {
      "name": "CVE-2009-4917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4917"
    },
    {
      "name": "CVE-2009-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4911"
    },
    {
      "name": "CVE-2009-4919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4919"
    },
    {
      "name": "CVE-2009-4912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4912"
    },
    {
      "name": "CVE-2009-4920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4920"
    },
    {
      "name": "CVE-2009-4916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4916"
    },
    {
      "name": "CVE-2009-4914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4914"
    },
    {
      "name": "CVE-2008-7257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-7257"
    },
    {
      "name": "CVE-2009-4918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4918"
    },
    {
      "name": "CVE-2009-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4923"
    },
    {
      "name": "CVE-2009-4915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4915"
    },
    {
      "name": "CVE-2009-4910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4910"
    },
    {
      "name": "CVE-2009-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4922"
    },
    {
      "name": "CVE-2009-4913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4913"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-292",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-28T00:00:00.000000"
    },
    {
      "description": "ajout de vuln\u00e9rabilit\u00e9s et de 14 r\u00e9f\u00e9rences CVE.",
      "revision_date": "2010-06-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 trouv\u00e9es dans Cisco ASA. Elles\npermettent de r\u00e9aliser un d\u00e9ni de service \u00e0 distance, de contourner la\npolitique de s\u00e9curit\u00e9 ou de r\u00e9aliser de l\u0027injection de code indirecte.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Cisco ASA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de version Cisco ASA version 8.1(2)",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    }
  ]
}

GSD-2009-4911

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-4911

Aliases

CVE-2009-4911

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-4911",
    "description": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.",
    "id": "GSD-2009-4911"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-4911"
      ],
      "details": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.",
      "id": "GSD-2009-4911",
      "modified": "2023-12-13T01:19:45.121524Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-4911",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html",
            "refsource": "CONFIRM",
            "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5580:8.1\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4911"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2010-06-30T04:00Z",
      "publishedDate": "2010-06-29T18:30Z"
    }
  }
}

GHSA-7X3Q-23HW-J9XF

Vulnerability from github – Published: 2022-05-02 03:59 – Updated: 2022-05-02 03:59

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-4911"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-06-29T18:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.",
  "id": "GHSA-7x3q-23hw-j9xf",
  "modified": "2022-05-02T03:59:34Z",
  "published": "2022-05-02T03:59:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4911"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201006-0015

Vulnerability from variot - Updated: 2023-12-18 12:22

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. The problem is Bug ID : CSCsm77958 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco ASA 5580 series security appliances are prone to multiple security vulnerabilities. The vulnerabilities include multiple denial-of-service vulnerabilities, multiple buffer-overflow vulnerabilities, authentication-bypass vulnerabilities and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to deny service to legitimate users, bypass security restrictions and gain unauthorized access, execute arbitrary script code, or steal cookie-based authentication credentials. Other attacks may also be possible. Cisco ASA 5580 series security appliances with software prior to 8.1(2) are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201006-0015",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "asa 5580",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1\\(1\\)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5580 version  8.1(2)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55808.1(1)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55808.1"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55808.1(2)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "41412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5580:8.1\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "41412"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2009-4911",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2009-4911",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-42357",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-4911",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201006-455",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-42357",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. The problem is Bug ID : CSCsm77958 It is a problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Cisco ASA 5580 series security appliances are prone to multiple security vulnerabilities. The vulnerabilities include multiple denial-of-service vulnerabilities, multiple buffer-overflow vulnerabilities, authentication-bypass vulnerabilities and a cross-site scripting vulnerability. \nExploiting these issues could allow an attacker to deny service to legitimate users, bypass security restrictions and gain unauthorized access, execute arbitrary script code, or steal cookie-based authentication credentials. Other attacks may also be possible. \nCisco ASA 5580 series security appliances with software prior to 8.1(2) are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "BID",
        "id": "41412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-4911",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "41412",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-42357",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "db": "BID",
        "id": "41412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "id": "VAR-201006-0015",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      }
    ],
    "trust": 0.7311873
  },
  "last_update_date": "2023-12-18T12:22:34.828000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "asarn812",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/docs/security/asa/asa81/release/notes/asarn812.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.cisco.com/en/us/docs/security/asa/asa81/release/notes/asarn812.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4911"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4911"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "db": "BID",
        "id": "41412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "db": "BID",
        "id": "41412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-06-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "date": "2009-04-06T00:00:00",
        "db": "BID",
        "id": "41412"
      },
      {
        "date": "2011-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "date": "2010-06-29T18:30:01.473000",
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "date": "2010-06-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-06-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42357"
      },
      {
        "date": "2009-04-06T00:00:00",
        "db": "BID",
        "id": "41412"
      },
      {
        "date": "2011-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      },
      {
        "date": "2010-06-30T04:00:00",
        "db": "NVD",
        "id": "CVE-2009-4911"
      },
      {
        "date": "2010-07-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliances Service disruption on devices  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-002864"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-455"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-4911 (GCVE-0-2009-4911)

FKIE_CVE-2009-4911

CERTA-2010-AVI-292

Description

Solution

CERTA-2010-AVI-292

Description

Solution

GSD-2009-4911

GHSA-7X3Q-23HW-J9XF

VAR-201006-0015

Tags

Sightings

Nomenclature