VAR-200508-0064
Vulnerability from variot - Updated: 2023-12-18 13:40Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. Cisco IPS is susceptible to a local privilege escalation vulnerability. This issue is due to a flaw in the logic of the command line interface (CLI). These privileges are non-privileged accounts designated for monitoring and troubleshooting of IPS devices. By exploiting this vulnerability, attackers may gain full administrative privileges on affected devices. This allows them to bypass the network security features of the device, aiding them in further attacks. Arbitrary code execution and denial of network services is also possible.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Intrusion Prevention System Privilege Escalation
SECUNIA ADVISORY ID: SA16545
VERIFY ADVISORY: http://secunia.com/advisories/16545/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
OPERATING SYSTEM: Cisco Intrusion Prevention System (IPS) 5.x http://secunia.com/product/5600/
DESCRIPTION: A vulnerability has been reported in Cisco Intrusion Prevention System, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability affects versions 5.0(1) and 5.0(2). Versions 4.x and prior are not vulnerable.
SOLUTION: Update to version 5.0(3). http://www.cisco.com/pcgi-bin/tablebuild.pl/ips5
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0\\(2\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0\\(1\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(1\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(2\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "intrusion prevention system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"model": "intrusion prevention system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.x"
}
],
"sources": [
{
"db": "BID",
"id": "14633"
},
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2681"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "14633"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
],
"trust": 0.9
},
"cve": "CVE-2005-2681",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-13890",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-2681",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-265",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-13890",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13890"
},
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. Cisco IPS is susceptible to a local privilege escalation vulnerability. This issue is due to a flaw in the logic of the command line interface (CLI). These privileges are non-privileged accounts designated for monitoring and troubleshooting of IPS devices. \nBy exploiting this vulnerability, attackers may gain full administrative privileges on affected devices. This allows them to bypass the network security features of the device, aiding them in further attacks. Arbitrary code execution and denial of network services is also possible. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Intrusion Prevention System Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA16545\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16545/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nOPERATING SYSTEM:\nCisco Intrusion Prevention System (IPS) 5.x\nhttp://secunia.com/product/5600/\n\nDESCRIPTION:\nA vulnerability has been reported in Cisco Intrusion Prevention\nSystem, which can be exploited by malicious, local users to gain\nescalated privileges. \n\nThe vulnerability affects versions 5.0(1) and 5.0(2). Versions 4.x\nand prior are not vulnerable. \n\nSOLUTION:\nUpdate to version 5.0(3). \nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/ips5\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "BID",
"id": "14633"
},
{
"db": "VULHUB",
"id": "VHN-13890"
},
{
"db": "PACKETSTORM",
"id": "39517"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "14633",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "16545",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2005-2681",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265",
"trust": 0.7
},
{
"db": "XF",
"id": "21947",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20050822 CISCO INTRUSION PREVENTION SYSTEM VULNERABLE TO PRIVILEGE ESCALATION",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-13890",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39517",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13890"
},
{
"db": "BID",
"id": "14633"
},
{
"db": "PACKETSTORM",
"id": "39517"
},
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"id": "VAR-200508-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13890"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:54.871000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2681"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/14633"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/16545"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/21947"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/"
},
{
"trust": 0.3,
"url": "/archive/1/408789"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/ips5"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5600/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/16545/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13890"
},
{
"db": "BID",
"id": "14633"
},
{
"db": "PACKETSTORM",
"id": "39517"
},
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13890"
},
{
"db": "BID",
"id": "14633"
},
{
"db": "PACKETSTORM",
"id": "39517"
},
{
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-13890"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14633"
},
{
"date": "2005-08-23T23:30:33",
"db": "PACKETSTORM",
"id": "39517"
},
{
"date": "2005-08-23T04:00:00",
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"date": "2005-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-13890"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14633"
},
{
"date": "2018-10-30T16:25:18.607000",
"db": "NVD",
"id": "CVE-2005-2681"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "14633"
},
{
"db": "PACKETSTORM",
"id": "39517"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Local privilege vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "14633"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-265"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…