fkie_nvd - fkie_cve-2009-1158

FKIE_CVE-2009-1158

Vulnerability from fkie_nvd - Published: 2009-04-09 15:08 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.

References

URL	Tags
psirt@cisco.com	http://osvdb.org/53444
psirt@cisco.com	http://secunia.com/advisories/34607
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml	Patch, Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/34429
psirt@cisco.com	http://www.securitytracker.com/id?1022015
psirt@cisco.com	http://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53444
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022015
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0981

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_5500	7.0
cisco	adaptive_security_appliance_5500	7.1
cisco	adaptive_security_appliance_5500	7.2
cisco	adaptive_security_appliance_5500	8.0
cisco	adaptive_security_appliance_5500	8.1
cisco	pix	7.0
cisco	pix	7.1
cisco	pix	7.2
cisco	pix	8.0
cisco	pix	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "235C2CE5-C858-4037-AE35-E6D506301894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no espec\u00edfica en Cisco Adaptive Security Appliances (ASA) 5500 Series dispositivos v7.0 anteriores a v7.0(8)6, v7.1 anteriores a v7.1(2)82, v7.2 anteriores a v7.2(4)26, v8.0 anteriores a v8.0(4)24, y v8.1 anteriores a v8.1(2)14, cuando la inspecci\u00f3n H.323 est\u00e1 habilitado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un paquete h.323 manipulado."
    }
  ],
  "id": "CVE-2009-1158",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53444"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-1158 (GCVE-0-2009-1158)

Vulnerability from cvelistv5 – Published: 2009-04-09 15:00 – Updated: 2024-08-07 05:04

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.vupen.com/english/advisories/2009/0981	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/34429	vdb-entryx_refsource_BID
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://secunia.com/advisories/34607	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1022015	vdb-entryx_refsource_SECTRACK
	http://osvdb.org/53444	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "1022015",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022015"
          },
          {
            "name": "53444",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "1022015",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022015"
        },
        {
          "name": "53444",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53444"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1158",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "1022015",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022015"
            },
            {
              "name": "53444",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53444"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1158",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2009-1158

CVE-2009-1158 (GCVE-0-2009-1158)

Tags

Sightings

Nomenclature