VAR-200212-0703
Vulnerability from variot - Updated: 2024-05-17 22:50Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. The Cisco AS5350 Universal Gateway is reported to be prone to a denial of service condition. It is possible to cause this condition by portscanning a vulnerable device. This issue was reported for Cisco AS5350 devices running Cisco IOS release 12.2(11)T. Other firmware and devices may also be affected. There are conflicting reports regarding the existence of this vulnerability. Other sources have indicated that the issue may be related to a configuration problem. Attackers can use the Nmap scanner to scan the ports 1-65535 of the Cisco AS5350 Universal Gateway, which can cause the system to hang and require a restart of the device to obtain normal functions. However, there are many different views on this issue. improper
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0703",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "as5350",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(11t\\)"
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "6059"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:as5350:12.2\\(11t\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thomas Munn\u203b munn@bigfoot.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2379",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6762",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2379",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-298",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6762",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. The Cisco AS5350 Universal Gateway is reported to be prone to a denial of service condition. It is possible to cause this condition by portscanning a vulnerable device. \nThis issue was reported for Cisco AS5350 devices running Cisco IOS release 12.2(11)T. Other firmware and devices may also be affected. \nThere are conflicting reports regarding the existence of this vulnerability. Other sources have indicated that the issue may be related to a configuration problem. Attackers can use the Nmap scanner to scan the ports 1-65535 of the Cisco AS5350 Universal Gateway, which can cause the system to hang and require a restart of the device to obtain normal functions. However, there are many different views on this issue. improper",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2379"
},
{
"db": "BID",
"id": "6059"
},
{
"db": "VULHUB",
"id": "VHN-6762"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6762",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6059",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2379",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "3747",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021029 RE: CISCO AS5350 CRASHES WITH NMAP CONNECT SCAN",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021028 CISCO AS5350 CRASHES WITH NMAP CONNECT SCAN",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20021029 RESPONSE TO BUGTRAQ - CISCO AS5350 CRASHES WITH NMAP CONNECT SCAN",
"trust": 0.6
},
{
"db": "XF",
"id": "5350",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21971",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6762",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
},
{
"db": "BID",
"id": "6059"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"id": "VAR-200212-0703",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
}
],
"trust": 0.01
},
"last_update_date": "2024-05-17T22:50:48.634000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6059"
},
{
"trust": 1.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00397.html"
},
{
"trust": 1.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00411.html"
},
{
"trust": 1.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00413.html"
},
{
"trust": 1.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00420.html"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/hw/univgate/ps501/products_security_notice09186a008024dba2.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10522.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3747"
},
{
"trust": 0.3,
"url": "/archive/1/297689"
},
{
"trust": 0.3,
"url": "/archive/1/297691"
},
{
"trust": 0.3,
"url": "/archive/1/297710"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6762"
},
{
"db": "BID",
"id": "6059"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6762"
},
{
"db": "BID",
"id": "6059"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6762"
},
{
"date": "2002-10-28T00:00:00",
"db": "BID",
"id": "6059"
},
{
"date": "2002-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6762"
},
{
"date": "2002-10-28T00:00:00",
"db": "BID",
"id": "6059"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-298"
},
{
"date": "2024-05-17T00:20:40.057000",
"db": "NVD",
"id": "CVE-2002-2379"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco AS5350 Universal Gateway Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-298"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…