var-200401-0043
Vulnerability from variot
Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. CSCeb16356 (HTTP Auth) Vulnerability: Passing HTTP Auth requests using TACACS+ or RADIUS authentication can cause Cisco FWSM to crash and reload due to send buffer overflow. This request can be initiated by the user by initiating an FTP, TELNET or HTTP connection. Cisco FWSM will only allow communication if the username and password are authenticated by the specified ACACS+ or RADIUS server. CSCeb88419 (SNMPv3) Vulnerability When configuring snmp-server host or snmp-server host poll on the Cisco FWSM module, when processing the received SNMPv3 message, the Cisco FWSM may crash and generate a rejection Serve. This vulnerability is not affected only when the snmp-server host trap command is configured on the Cisco FWSM module
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200401-0043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst 6500 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6500 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 6500 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6500 ws-x6380-nam",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.1\\(2\\)"
},
{
"model": "catalyst 6500 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6500 ws-x6380-nam",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.1.2"
},
{
"model": "catos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.6\\(1\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4\\(1\\)"
},
{
"model": "catalyst 6500",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "catalyst 7600 ws-x6380-nam",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(2\\)"
},
{
"model": "catalyst 7600 ws-x6380-nam",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5\\(1\\)"
},
{
"model": "catalyst 6500",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5(1)"
},
{
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76003.1"
},
{
"model": "catalyst ws-svc-nam-2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76003.1"
},
{
"model": "catalyst ws-x6380-nam",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "76002.1"
},
{
"model": "catalyst ws-svc-nam-1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "65002.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6500"
}
],
"sources": [
{
"db": "BID",
"id": "88263"
},
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:2.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:7.5\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:7.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:2.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:5.4\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1002"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1002",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-7827",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1002",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200401-024",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7827",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7827"
},
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. CSCeb16356 (HTTP Auth) Vulnerability: Passing HTTP Auth requests using TACACS+ or RADIUS authentication can cause Cisco FWSM to crash and reload due to send buffer overflow. This request can be initiated by the user by initiating an FTP, TELNET or HTTP connection. Cisco FWSM will only allow communication if the username and password are authenticated by the specified ACACS+ or RADIUS server. CSCeb88419 (SNMPv3) Vulnerability When configuring snmp-server host \u003cif_name\u003e \u003cip_addr\u003e or snmp-server host \u003cif_name\u003e \u003cip_addr\u003e poll on the Cisco FWSM module, when processing the received SNMPv3 message, the Cisco FWSM may crash and generate a rejection Serve. This vulnerability is not affected only when the snmp-server host \u003cif_name\u003e \u003cip_addr\u003e trap command is configured on the Cisco FWSM module",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "BID",
"id": "88263"
},
{
"db": "VULHUB",
"id": "VHN-7827"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-1002",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20031215 CISCO FWSM VULNERABILITIES",
"trust": 0.6
},
{
"db": "BID",
"id": "88263",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-7827",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7827"
},
{
"db": "BID",
"id": "88263"
},
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"id": "VAR-200401-0043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7827"
}
],
"trust": 0.4056849
},
"last_update_date": "2023-12-18T12:24:36.582000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7827"
},
{
"db": "BID",
"id": "88263"
},
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7827"
},
{
"db": "BID",
"id": "88263"
},
{
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-7827"
},
{
"date": "2004-01-05T00:00:00",
"db": "BID",
"id": "88263"
},
{
"date": "2004-01-05T05:00:00",
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"date": "2003-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-7827"
},
{
"date": "2016-07-06T14:33:00",
"db": "BID",
"id": "88263"
},
{
"date": "2008-09-10T19:21:24.413000",
"db": "NVD",
"id": "CVE-2003-1002"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FWSM Multiple security vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-024"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.