var-200705-0480
Vulnerability from variot
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled. According to Cisco Systems information IPSec VPN If an attacker attempts to exploit the, the group name and group password must be known. Remote attackers may use this vulnerability to cause the device to fail to work normally or to bypass authentication. A successful attack can result in a device reload. This vulnerability is documented as software bug CSCsh81111.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
1) An unspecified error exists when using the LDAP authentication mechanism, which can be exploited to bypass the authentication and gain access to the device or the network.
Successful exploitation requires that the device uses the Layer 2 Tunneling Protocol (L2TP) and is configured to use LDAP servers with another protocol other than PAP for authentication, or that the device offers remote management access (telnet, SSH, HTTP) and uses an LDAP AAA server for authentication.
2) An unspecified error when using VPN connections configured with password expiry can be exploited to cause a DoS.
Successful exploitation requires that the tunnel group is configured with password expiry.
3) A race condition within the processing of non-standard SSL sessions in the SSL VPN server of Cisco ASA appliances can be exploited to cause the device to reload.
Successful exploitation requires that clientless SSL is used.
4) An error within the DHCP relay agent when handling DHCPACK messages can be exploited to cause a DoS due to memory exhaustion by sending a large number of DHCP requests to a vulnerable device.
Successful exploitation requires that devices are configured to use the DHCP relay agent.
SOLUTION: Apply updated software versions. Please see vendor advisories for details.
PROVIDED AND/OR DISCOVERED BY: 1-3) Reported by the vendor. 4) Lisa Sittler and Grant Deffenbaugh, CERT/CC.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml
http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html http://www.cisco.com/en/US/products/products_applied_intelligence_response09186a008083316f.html
US-CERT VU#530057: http://www.kb.cert.org/vuls/id/530057
OTHER REFERENCES: US-CERT VU#210876: http://www.kb.cert.org/vuls/id/210876
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0480",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "adaptive security appliance software",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.7)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.16)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.15)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.14)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.10)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(1)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.48)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2.5)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.8)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.19)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.17)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.49)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:pix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2463"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-2463",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-25825",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2463",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#337508",
"trust": 0.8,
"value": "0.70"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#210876",
"trust": 0.8,
"value": "2.43"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#530057",
"trust": 0.8,
"value": "0.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200705-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-25825",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25825"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled. According to Cisco Systems information IPSec VPN If an attacker attempts to exploit the, the group name and group password must be known. Remote attackers may use this vulnerability to cause the device to fail to work normally or to bypass authentication. A successful attack can result in a device reload. This vulnerability is documented as software bug CSCsh81111. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n1) An unspecified error exists when using the LDAP authentication\nmechanism, which can be exploited to bypass the authentication and\ngain access to the device or the network. \n\nSuccessful exploitation requires that the device uses the Layer 2\nTunneling Protocol (L2TP) and is configured to use LDAP servers with\nanother protocol other than PAP for authentication, or that the\ndevice offers remote management access (telnet, SSH, HTTP) and uses\nan LDAP AAA server for authentication. \n\n2) An unspecified error when using VPN connections configured with\npassword expiry can be exploited to cause a DoS. \n\nSuccessful exploitation requires that the tunnel group is configured\nwith password expiry. \n\n3) A race condition within the processing of non-standard SSL\nsessions in the SSL VPN server of Cisco ASA appliances can be\nexploited to cause the device to reload. \n\nSuccessful exploitation requires that clientless SSL is used. \n\n4) An error within the DHCP relay agent when handling DHCPACK\nmessages can be exploited to cause a DoS due to memory exhaustion by\nsending a large number of DHCP requests to a vulnerable device. \n\nSuccessful exploitation requires that devices are configured to use\nthe DHCP relay agent. \n\nSOLUTION:\nApply updated software versions. Please see vendor advisories for\ndetails. \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) Reported by the vendor. \n4) Lisa Sittler and Grant Deffenbaugh, CERT/CC. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml\nhttp://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml\n\nhttp://www.cisco.com/en/US/products/products_security_response09186a0080833172.html\nhttp://www.cisco.com/en/US/products/products_applied_intelligence_response09186a008083316f.html\n\nUS-CERT VU#530057:\nhttp://www.kb.cert.org/vuls/id/530057\n\nOTHER REFERENCES:\nUS-CERT VU#210876:\nhttp://www.kb.cert.org/vuls/id/210876\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "VULHUB",
"id": "VHN-25825"
},
{
"db": "PACKETSTORM",
"id": "56436"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2463",
"trust": 2.8
},
{
"db": "BID",
"id": "23768",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "25109",
"trust": 2.7
},
{
"db": "OSVDB",
"id": "35332",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1636",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#210876",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#337508",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#530057",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "35331",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336",
"trust": 0.8
},
{
"db": "XF",
"id": "34021",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20070502 LDAP AND VPN VULNERABILITIES IN PIX AND ASA APPLIANCES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56436",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25825"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"id": "VAR-200705-0480",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25825"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:35:24.102000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20070502-asa",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/23768"
},
{
"trust": 2.4,
"url": "http://www.cisco.com/en/us/products/ps6120/index.html"
},
{
"trust": 2.4,
"url": "http://en.wikipedia.org/wiki/intrusion-prevention_system"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080833166.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/35332"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25109"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/1636"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1636"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/25109/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/110/webvpnasa.pdf"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/netsol/ns461/networking_solutions_white_paper0900aecd80282f87.shtml"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080833166.shtml#details"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/pcgi-bin/support/bugtool/onebug.pl?bugid=cscsi16248"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/35331"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/pcgi-bin/support/bugtool/onebug.pl?bugid=cscsh50277"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/ps6120/products_configuration_guide_chapter09186a0080636f31.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2463"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2463"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34021"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/210876"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "/archive/1/467385"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/337508"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/530057"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6102/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_applied_intelligence_response09186a008083316f.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a0080833172.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6115/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25825"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25825"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#337508"
},
{
"date": "2007-05-02T00:00:00",
"db": "CERT/CC",
"id": "VU#210876"
},
{
"date": "2007-05-02T00:00:00",
"db": "CERT/CC",
"id": "VU#530057"
},
{
"date": "2007-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-25825"
},
{
"date": "2007-05-02T00:00:00",
"db": "BID",
"id": "23768"
},
{
"date": "2007-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"date": "2007-05-04T05:48:13",
"db": "PACKETSTORM",
"id": "56436"
},
{
"date": "2007-05-02T22:19:00",
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"date": "2007-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-04T00:00:00",
"db": "CERT/CC",
"id": "VU#337508"
},
{
"date": "2007-06-15T00:00:00",
"db": "CERT/CC",
"id": "VU#210876"
},
{
"date": "2007-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#530057"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-25825"
},
{
"date": "2016-07-06T14:39:00",
"db": "BID",
"id": "23768"
},
{
"date": "2007-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000336"
},
{
"date": "2023-08-11T19:02:04.560000",
"db": "NVD",
"id": "CVE-2007-2463"
},
{
"date": "2007-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASA clientless SSL VPN denial of service vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-024"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.