Vulnerabilites related to cisco - ciscoworks
var-200505-0572
Vulnerability from variot
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition. TCP The implementation of the time stamp option is TCP A vulnerability exists that allows the internal timer on a connection to be changed to any value.the system TCP Connection reset and service disruption (DoS) It may be in a state. The Transmission Control Protocol (TCP) defined in RFC 793 allows reliable host-to-host transmission in a message exchange network. RFC 1323 introduces a number of technologies that enhance TCP performance, two of which are TCP timestamps and sequence number rollback protection (PAWS).
There are security holes in the PAWS technology of TCP RFC 1323. If TCP timestamps are enabled, both endpoints of the TCP connection use the internal clock to mark the TCP header with the timestamp value.
This vulnerability can occur if an attacker sends enough TCP PAWS packets to the vulnerable computer. An attacker can set the message timestamp to a large value. When the target machine processes this message, the internal timer will be updated to this value, which may cause all valid messages received afterwards to be discarded because these messages are considered too old or invalid. This technique may cause the target connection to deny service.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products TCP Timestamp Denial of Service
SECUNIA ADVISORY ID: SA15393
VERIFY ADVISORY: http://secunia.com/advisories/15393/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco SN5400 Series Storage Routers http://secunia.com/product/2188/ Cisco MGX 8900 Series Multiservice Switches http://secunia.com/product/5117/ Cisco MGX 8800 Series Multiservice Switches http://secunia.com/product/5116/ Cisco MGX 8200 Series Edge Concentrators http://secunia.com/product/5115/ Cisco Content Services Switch 11000 Series (WebNS) http://secunia.com/product/1507/ Cisco Aironet 350 Series Access Point http://secunia.com/product/5114/ Cisco Aironet 1200 Series Access Point http://secunia.com/product/1929/
DESCRIPTION: A vulnerability has been reported in some Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service) on active TCP sessions.
Successful exploitation requires knowledge of IP address information of the source and destination of the TCP network connection.
The vulnerability affects the following products: * SN5400 series storage routers * CSS11000 series content services switches * AP350 and AP1200 series Access Points running VxWorks * MGX8200, MGX8800, and MGX8900 series WAN switches (only management interfaces)
SOLUTION: SN5400 series storage routers: The vulnerability has been addressed by CSCin85370.
CSS11000 series content services switches: The vulnerability has been addressed by CSCeh40395.
AP350 and AP1200 series Access Points: The vendor recommends upgrading APs running VxWorks to Cisco IOS.
MGX series WAN switches: The vulnerability has been documented by CSCeh85125 and CSCeh85130.
PROVIDED AND/OR DISCOVERED BY: US-CERT credits Noritoshi Demizu.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
OTHER REFERENCES: US-CERT VU#637934: http://www.kb.cert.org/vuls/id/637934
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Cisco has acknowledged that various Cisco products are affected.
The published Internet-Draft details three types of attacks, which utilize the following ICMP messages to cause a negative impact on TCP connections either terminating or originating from a vulnerable device.
1) ICMP "hard" error messages 2) ICMP "fragmentation needed and Don't Fragment (DF) bit set" messages (known as PMTUD attacks) 3) ICMP "source quench" messages
These attacks can all be exploited to cause TCP connection resets, reduce the throughput in existing TCP connections, or consume large amounts of CPU and memory resources.
NOTE: See the original advisory for a list of affected versions.
SOLUTION: See patch matrix in vendor advisory for information about fixes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0572",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "freebsd",
"scope": "eq",
"trust": 1.9,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.9,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.9,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.9,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.9,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.6"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks lms",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.46"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "3.1"
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ciscoworks cd1",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1st"
},
{
"model": "rt105",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "alaxala",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "ax"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.2-k9"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "standard_64-bit"
},
{
"model": "business communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1000"
},
{
"model": "webns",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.20_\\(03.10\\)s"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3\\(3\\)"
},
{
"model": "callpilot",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "702t"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(2\\)"
},
{
"model": "callpilot",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "200i"
},
{
"model": "business communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "200"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4"
},
{
"model": "ethernet routing switch 1624",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "webns",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.10_\\(05.07\\)s"
},
{
"model": "ethernet routing switch 1612",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "rtx1500",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "ciscoworks 1105 wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2"
},
{
"model": "rtv700",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "aironet ap1200",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.2-k9"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(1\\)"
},
{
"model": "ciscoworks windows wug",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "standard"
},
{
"model": "gr4000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "*"
},
{
"model": "ip contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "universal signaling point",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "compact_lite"
},
{
"model": "rt250i",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5"
},
{
"model": "webns",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.30_\\(00.09\\)s"
},
{
"model": "7250 wlan access point",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "rtx1000",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(1\\)"
},
{
"model": "webns",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.20_\\(03.09\\)s"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1.3"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(1\\)"
},
{
"model": "ciscoworks cd1",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4th"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "ciscoworks cd1",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5th"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "support tools",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(2\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3\\(1\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(1.20\\)"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2-3.3.2-k9"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(2\\)"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ciscoworks windows",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "7220 wlan access point",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(7\\)"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.6"
},
{
"model": "content services switch 11000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "optical metro 5100",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "networks",
"scope": "eq",
"trust": 1.0,
"vendor": "alaxala",
"version": "ax5400s"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "web"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "rt300i",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "callpilot",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "703t"
},
{
"model": "agent desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "interactive voice response",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "mgx 8230",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2.11"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "enterprise"
},
{
"model": "mgx 8250",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2.11"
},
{
"model": "gr3000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "enterprise_64-bit"
},
{
"model": "windows 2003 server",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "content services switch 11150",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.0"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(2\\)"
},
{
"model": "remote monitoring suite option",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "ethernet routing switch 1648",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(3\\)"
},
{
"model": "gs4000",
"scope": "eq",
"trust": 1.0,
"vendor": "hitachi",
"version": "*"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(5\\)"
},
{
"model": "optical metro 5200",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "aironet ap350",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.1-k9"
},
{
"model": "mgx 8230",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2.10"
},
{
"model": "ciscoworks vpn security management solution",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "webns",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.30_\\(00.08\\)s"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(4\\)"
},
{
"model": "rt57i",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "mgx 8250",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2.10"
},
{
"model": "succession communication server 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "ciscoworks cd1",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2nd"
},
{
"model": "networks",
"scope": "eq",
"trust": 1.0,
"vendor": "alaxala",
"version": "ax7800s"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "web collaboration option",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2-3.3.1-k9"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.1-k9"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "content services switch 11501",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "windows 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(4\\)"
},
{
"model": "content services switch 11503",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(3\\)"
},
{
"model": "optical metro 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "contact center",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(2\\)"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "networks",
"scope": "eq",
"trust": 1.0,
"vendor": "alaxala",
"version": "ax7800r"
},
{
"model": "ciscoworks 1105 hosting solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "sn 5420 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(3\\)"
},
{
"model": "business communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "400"
},
{
"model": "universal signaling point",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "5200"
},
{
"model": "rtx2000",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "content services switch 11800",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "rtx1100",
"scope": "eq",
"trust": 1.0,
"vendor": "yamaha",
"version": "*"
},
{
"model": "ip contact center express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "content services switch 11506",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ciscoworks cd1",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3rd"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "callpilot",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "201i"
},
{
"model": "tmos",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": "e-mail manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "content services switch 11050",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "survivable remote gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1.0"
},
{
"model": "sn 5428 storage router",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.1-k9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(3a\\)"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "remote monitoring suite option",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "windows server enterprise edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "ip contact center express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "rtx1100",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "rfc tcp extensions for high performance",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "1323:"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(4)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ciscoworks vpn/security management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "windows server datacenter edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "-stablepre2001-07-20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "windows xp media center edition sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "web collaboration option",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7220.0"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "gs4000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(2)"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "sn5400 series storage routers",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "6.0"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1624"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2x"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5100"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(3)"
},
{
"model": "interactive voice response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11150 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "css11050 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "e-mail manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server web edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1.20)"
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11506 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3x"
},
{
"model": "ciscoworks cd1 5th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "coat systems sgos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "networks universal signaling point compact/lite",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "networks srg",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1.0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(1)"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ip contact center enterprise",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "networks ax7800r",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "rtx1500",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "networks communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4x"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(3)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "400"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "pix os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "networks contact center",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "windows server standard edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "200"
},
{
"model": "rtx2000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "windows xp professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "conference connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "gr3000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5x"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "ciscoworks cd1 2nd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ax7800s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "networks universal signaling point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5200"
},
{
"model": "networks callpilot 702t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5200"
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(3)"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1x"
},
{
"model": "ciscoworks cd1 4th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(5)"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "rt57i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2x"
},
{
"model": "css11501 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "gr4000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ciscoworks",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(2)"
},
{
"model": "rt105",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1648"
},
{
"model": "alaxala ax",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "personal assistant",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ciscoworks cd1 1st edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "rtv700",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(1)"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "support tools",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "rt300i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(4)"
},
{
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ios xr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rtx1000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "coat systems cacheos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(7)"
},
{
"model": "networks ax5400s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11503 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1612"
},
{
"model": "windows xp home sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rt250i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "css11800 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "ciscoworks cd1 3rd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7250.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "ap1200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_server_2003",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_xp",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Noritoshi Demizu Daniel Hartmeier\u203b daniel@benzedrine.cx",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0356",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0356",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-11565",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0356",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#637934",
"trust": 0.8,
"value": "4.73"
},
{
"author": "NVD",
"id": "CVE-2005-0356",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-1247",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-11565",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "VULHUB",
"id": "VHN-11565"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition. TCP The implementation of the time stamp option is TCP A vulnerability exists that allows the internal timer on a connection to be changed to any value.the system TCP Connection reset and service disruption (DoS) It may be in a state. The Transmission Control Protocol (TCP) defined in RFC 793 allows reliable host-to-host transmission in a message exchange network. RFC 1323 introduces a number of technologies that enhance TCP performance, two of which are TCP timestamps and sequence number rollback protection (PAWS). \n\n\u00a0There are security holes in the PAWS technology of TCP RFC 1323. If TCP timestamps are enabled, both endpoints of the TCP connection use the internal clock to mark the TCP header with the timestamp value. \n\n\u00a0This vulnerability can occur if an attacker sends enough TCP PAWS packets to the vulnerable computer. An attacker can set the message timestamp to a large value. When the target machine processes this message, the internal timer will be updated to this value, which may cause all valid messages received afterwards to be discarded because these messages are considered too old or invalid. This technique may cause the target connection to deny service. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products TCP Timestamp Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15393\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15393/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco SN5400 Series Storage Routers\nhttp://secunia.com/product/2188/\nCisco MGX 8900 Series Multiservice Switches\nhttp://secunia.com/product/5117/\nCisco MGX 8800 Series Multiservice Switches\nhttp://secunia.com/product/5116/\nCisco MGX 8200 Series Edge Concentrators\nhttp://secunia.com/product/5115/\nCisco Content Services Switch 11000 Series (WebNS)\nhttp://secunia.com/product/1507/\nCisco Aironet 350 Series Access Point\nhttp://secunia.com/product/5114/\nCisco Aironet 1200 Series Access Point\nhttp://secunia.com/product/1929/\n\nDESCRIPTION:\nA vulnerability has been reported in some Cisco products, which can\nbe exploited by malicious people to cause a DoS (Denial of Service)\non active TCP sessions. \n\nSuccessful exploitation requires knowledge of IP address information\nof the source and destination of the TCP network connection. \n\nThe vulnerability affects the following products:\n* SN5400 series storage routers\n* CSS11000 series content services switches\n* AP350 and AP1200 series Access Points running VxWorks\n* MGX8200, MGX8800, and MGX8900 series WAN switches (only management\ninterfaces)\n\nSOLUTION:\nSN5400 series storage routers:\nThe vulnerability has been addressed by CSCin85370. \n\nCSS11000 series content services switches:\nThe vulnerability has been addressed by CSCeh40395. \n\nAP350 and AP1200 series Access Points:\nThe vendor recommends upgrading APs running VxWorks to Cisco IOS. \n\nMGX series WAN switches:\nThe vulnerability has been documented by CSCeh85125 and CSCeh85130. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits Noritoshi Demizu. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml\n\nOTHER REFERENCES:\nUS-CERT VU#637934:\nhttp://www.kb.cert.org/vuls/id/637934\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Cisco has acknowledged\nthat various Cisco products are affected. \n\nThe published Internet-Draft details three types of attacks, which\nutilize the following ICMP messages to cause a negative impact on TCP\nconnections either terminating or originating from a vulnerable\ndevice. \n\n1) ICMP \"hard\" error messages\n2) ICMP \"fragmentation needed and Don\u0027t Fragment (DF) bit set\"\nmessages (known as PMTUD attacks)\n3) ICMP \"source quench\" messages\n\nThese attacks can all be exploited to cause TCP connection resets,\nreduce the throughput in existing TCP connections, or consume large\namounts of CPU and memory resources. \n\nNOTE: See the original advisory for a list of affected versions. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0356"
},
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "VULHUB",
"id": "VHN-11565"
},
{
"db": "PACKETSTORM",
"id": "42527"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "37143"
}
],
"trust": 3.6
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-11565",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11565"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#637934",
"trust": 3.8
},
{
"db": "BID",
"id": "13676",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2005-0356",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "15393",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "15417",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "18222",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "18662",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2005-1944",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20050518 VULNERABILITY IN A VARIANT OF THE TCP TIMESTAMPS OPTION",
"trust": 0.6
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-05:15",
"trust": 0.6
},
{
"db": "XF",
"id": "20635",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2005.64",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "1008",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-11565",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42527",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37673",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37672",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "14904",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37143",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"db": "VULHUB",
"id": "VHN-11565"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "PACKETSTORM",
"id": "42527"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"id": "VAR-200505-0572",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11565"
}
],
"trust": 0.34090908
},
"last_update_date": "2024-11-23T21:18:55.333000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sn-20050518-tcpts",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
},
{
"title": "899480",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/899480.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx"
},
{
"title": "cisco-sn-20050518-tcpts",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sn-20050518-tcpts-j.shtml"
},
{
"title": "899480",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/advisory/899480.mspx"
},
{
"title": "MS05-019",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms05-019.mspx"
},
{
"title": "Multiple manufacturers TCP/IP Protocol stack implementation timestamp PAWS Remediation measures for remote denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92344"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/13676"
},
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/637934"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-032.htm"
},
{
"trust": 1.9,
"url": "http://www.ietf.org/rfc/rfc1323.txt"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/15417/"
},
{
"trust": 1.7,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:15.tcp.asc"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.64/scosa-2005.64.txt"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/15393"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18222"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18662"
},
{
"trust": 1.1,
"url": "http://www.ietf.org/rfc/rfc793.txt"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0356"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc0793.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23637934/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0356"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/20635"
},
{
"trust": 0.4,
"url": "http://openbsd.org/errata36.html#tcp"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-148.pdf"
},
{
"trust": 0.3,
"url": "http://www.alaxala.com/jp/support/icmp-20050518.html"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/899480.mspx"
},
{
"trust": 0.3,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/tcpip/vu637934.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2005-0356.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip-next/solutions/advisories/sol4743.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/15393/"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.2,
"url": "http://secunia.com/product/1507/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18222/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/136/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/100/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/jgei-6abpp2"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5117/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5115/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5114/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5116/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2188/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1929/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1191.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/56/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/182/"
},
{
"trust": 0.1,
"url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/50/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14904/"
},
{
"trust": 0.1,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/184/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4907/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1122.txt"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/684/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/183/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2270/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/53/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3214/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "VULHUB",
"id": "VHN-11565"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "PACKETSTORM",
"id": "42527"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"db": "VULHUB",
"id": "VHN-11565"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"db": "PACKETSTORM",
"id": "42527"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "37143"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-18T00:00:00",
"db": "CERT/CC",
"id": "VU#637934"
},
{
"date": "2005-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"date": "2005-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-11565"
},
{
"date": "2005-05-18T00:00:00",
"db": "BID",
"id": "13676"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"date": "2005-12-26T18:18:14",
"db": "PACKETSTORM",
"id": "42527"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37673"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37672"
},
{
"date": "2005-04-18T07:21:17",
"db": "PACKETSTORM",
"id": "37143"
},
{
"date": "2005-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"date": "2005-05-31T04:00:00",
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#637934"
},
{
"date": "2005-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2005-1944"
},
{
"date": "2019-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-11565"
},
{
"date": "2006-05-17T23:29:00",
"db": "BID",
"id": "13676"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000333"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1247"
},
{
"date": "2024-11-20T23:54:57.377000",
"db": "NVD",
"id": "CVE-2005-0356"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TCP does not adequately validate segments before updating timestamp value",
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13676"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1247"
}
],
"trust": 0.9
}
}
var-200505-1328
Vulnerability from variot
Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition. A denial-of-service vulnerability exists for the TCP RFC 1323. The issue resides in the Protection Against Wrapped Sequence Numbers (PAWS) technique that was included to increase overall TCP performance. When TCP 'timestamps' are enabled, both hosts at the endpoints of a TCP connection employ internal clocks to mark TCP headers with a 'timestamp' value. The issue manifests if an attacker transmits a sufficient TCP PAWS packet to a vulnerable computer. The attacker sets a large value as the packet timestamp. When the target computer processes this packet, the internal timer is updated to the large value that the attacker supplied. This causes all other valid packets that are received subsequent to an attack to be dropped, because they are deemed to be too old or invalid. This type of attack will effectively deny service for a target connection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project
Topic: TCP connection stall denial of service
Category: core Module: inet Announced: 2005-06-29 Credits: Noritoshi Demizu Affects: All FreeBSD releases. Corrected: 2005-06-29 21:38:48 UTC (RELENG_5, 5.4-STABLE) 2005-06-29 21:41:03 UTC (RELENG_5_4, 5.4-RELEASE-p3) 2005-06-29 21:42:33 UTC (RELENG_5_3, 5.3-RELEASE-p17) 2005-06-29 21:43:42 UTC (RELENG_4, 4.11-STABLE) 2005-06-29 21:45:14 UTC (RELENG_4_11, 4.11-RELEASE-p11) 2005-06-29 21:46:15 UTC (RELENG_4_10, 4.10-RELEASE-p16) CVE Name: CAN-2005-0356, CAN-2005-2068
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
The Transmission Control Protocol (TCP) of the TCP/IP protocol suite provides a connection-oriented, reliable, sequence-preserving data stream service. TCP packets with the SYN flag set are used during setup of new TCP connections.
II. Problem Description
Two problems have been discovered in the FreeBSD TCP stack.
First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection.
Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
III. Impact
Using either of the two problems an attacker with knowledge of the local and remote IP and port numbers associated with a connection can cause a denial of service situation by stalling the TCP connection. The stalled TCP connection my be closed after some time by the other host.
IV. Workaround
In some cases it may be possible to defend against these attacks by blocking the attack packets using a firewall. Packets used to effect either of these attacks would have spoofed source IP addresses.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, and 5.4 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 4.x]
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp4.patch
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp4.patch.asc
[FreeBSD 5.x]
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp.patch
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp.patch.asc
b) Apply the patch.
cd /usr/src
patch < /path/to/patch
c) Recompile your kernel as described in and reboot the system.
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
Branch Revision Path
RELENG_4 src/sys/netinet/tcp_input.c 1.107.2.44 RELENG_4_11 src/UPDATING 1.73.2.91.2.12 src/sys/conf/newvers.sh 1.44.2.39.2.15 src/sys/netinet/tcp_input.c 1.107.2.41.4.3 RELENG_4_10 src/UPDATING 1.73.2.90.2.17 src/sys/conf/newvers.sh 1.44.2.34.2.18 src/sys/netinet/tcp_input.c 1.107.2.41.2.1 RELENG_5 src/sys/netinet/tcp_input.c 1.252.2.16 RELENG_5_4 src/UPDATING 1.342.2.24.2.12 src/sys/conf/newvers.sh 1.62.2.18.2.8 src/sys/netinet/tcp_input.c 1.252.2.14.2.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.20 src/sys/conf/newvers.sh 1.62.2.15.2.22 src/sys/netinet/tcp_input.c 1.252.4.1
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0356 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2068 http://www.kb.cert.org/vuls/id/637934
The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD)
iD8DBQFCwxe7FdaIBMps37IRAi39AJ9ss6PVEwloS4SlKEWi5S1hpHnzmACeJF7H rKmK2NtleJ98dTLWW4QLMn4= =6fBH -----END PGP SIGNATURE----- .
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products TCP Timestamp Denial of Service
SECUNIA ADVISORY ID: SA15393
VERIFY ADVISORY: http://secunia.com/advisories/15393/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco SN5400 Series Storage Routers http://secunia.com/product/2188/ Cisco MGX 8900 Series Multiservice Switches http://secunia.com/product/5117/ Cisco MGX 8800 Series Multiservice Switches http://secunia.com/product/5116/ Cisco MGX 8200 Series Edge Concentrators http://secunia.com/product/5115/ Cisco Content Services Switch 11000 Series (WebNS) http://secunia.com/product/1507/ Cisco Aironet 350 Series Access Point http://secunia.com/product/5114/ Cisco Aironet 1200 Series Access Point http://secunia.com/product/1929/
DESCRIPTION: A vulnerability has been reported in some Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service) on active TCP sessions.
The vulnerability is caused due to an error in the implementation of the TCP Timestamp option and can be exploited via specially crafted packets to cause a targeted TCP session to stall until it's reset.
Successful exploitation requires knowledge of IP address information of the source and destination of the TCP network connection.
The vulnerability affects the following products: * SN5400 series storage routers * CSS11000 series content services switches * AP350 and AP1200 series Access Points running VxWorks * MGX8200, MGX8800, and MGX8900 series WAN switches (only management interfaces)
SOLUTION: SN5400 series storage routers: The vulnerability has been addressed by CSCin85370.
CSS11000 series content services switches: The vulnerability has been addressed by CSCeh40395.
AP350 and AP1200 series Access Points: The vendor recommends upgrading APs running VxWorks to Cisco IOS.
MGX series WAN switches: The vulnerability has been documented by CSCeh85125 and CSCeh85130.
PROVIDED AND/OR DISCOVERED BY: US-CERT credits Noritoshi Demizu.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
OTHER REFERENCES: US-CERT VU#637934: http://www.kb.cert.org/vuls/id/637934
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
For more information: SA14904
SOLUTION: Apply updated packages.
For more information: SA15393
The vulnerability affects all versions of CacheOS and SGOS.
SOLUTION: The vendor recommends disabling RFC1323 support until a patch is available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-1328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "remote monitoring suite option",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "windows server enterprise edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp 64-bit edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.1"
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "ip contact center express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "rtx1100",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "rfc tcp extensions for high performance",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "1323:"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(4)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ciscoworks vpn/security management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2"
},
{
"model": "windows server datacenter edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "-stablepre2001-07-20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "windows xp media center edition sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "web collaboration option",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7220.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "gs4000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "windows xp 64-bit edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp 64-bit edition version sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(2)"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "sn5400 series storage routers",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "6.0"
},
{
"model": "windows xp 64-bit edition version",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1624"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.2x"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5100"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(3)"
},
{
"model": "interactive voice response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css11150 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css11050 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "e-mail manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server web edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1.20)"
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "css11506 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3x"
},
{
"model": "ciscoworks cd1 5th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "coat systems sgos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "windows xp embedded",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.3"
},
{
"model": "networks universal signaling point compact/lite",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "networks srg",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1.0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(1)"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ip contact center enterprise",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "networks ax7800r",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "rtx1500",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "ciscoworks lms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "networks communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4x"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(3)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "400"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "pix os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"model": "networks contact center",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "windows server standard edition sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "200"
},
{
"model": "rtx2000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "windows xp professional sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "gr3000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5x"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "ciscoworks cd1 2nd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks ax7800s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.2"
},
{
"model": "networks universal signaling point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5200"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "networks callpilot 702t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "networks optical metro",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5200"
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(3)"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1x"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "ciscoworks cd1 4th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(5)"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.46"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "rt57i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2x"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "css11501 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "gr4000",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ciscoworks",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(2)"
},
{
"model": "rt105",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1648"
},
{
"model": "alaxala ax",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "personal assistant",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ciscoworks cd1 1st edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1x"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "rtv700",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(1)"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "support tools",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "rt300i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(4)"
},
{
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "bigip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "ios xr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rtx1000",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "coat systems cacheos",
"scope": null,
"trust": 0.3,
"vendor": "blue",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "sn storage router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "54201.1(7)"
},
{
"model": "networks ax5400s",
"scope": null,
"trust": 0.3,
"vendor": "alaxala",
"version": null
},
{
"model": "windows xp embedded sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11503 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "networks ethernet routing switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1612"
},
{
"model": "windows xp home sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "windows xp tablet pc edition sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "rt250i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "css11800 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "ciscoworks cd1 3rd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.1"
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "unity server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "networks wlan access point",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "7250.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "ap1200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "BID",
"id": "13676"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "39827"
},
{
"db": "PACKETSTORM",
"id": "38326"
}
],
"trust": 0.4
},
"cve": "CAN-2005-0356",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [],
"severity": [
{
"author": "CARNEGIE MELLON",
"id": "VU#637934",
"trust": 0.8,
"value": "4.73"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition. A denial-of-service vulnerability exists for the TCP RFC 1323. The issue resides in the Protection Against Wrapped Sequence Numbers (PAWS) technique that was included to increase overall TCP performance. \nWhen TCP \u0027timestamps\u0027 are enabled, both hosts at the endpoints of a TCP connection employ internal clocks to mark TCP headers with a \u0027timestamp\u0027 value. \nThe issue manifests if an attacker transmits a sufficient TCP PAWS packet to a vulnerable computer. The attacker sets a large value as the packet timestamp. When the target computer processes this packet, the internal timer is updated to the large value that the attacker supplied. This causes all other valid packets that are received subsequent to an attack to be dropped, because they are deemed to be too old or invalid. This type of attack will effectively deny service for a target connection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-05:15.tcp Security Advisory\n The FreeBSD Project\n\nTopic: TCP connection stall denial of service\n\nCategory: core\nModule: inet\nAnnounced: 2005-06-29\nCredits: Noritoshi Demizu\nAffects: All FreeBSD releases. \nCorrected: 2005-06-29 21:38:48 UTC (RELENG_5, 5.4-STABLE)\n 2005-06-29 21:41:03 UTC (RELENG_5_4, 5.4-RELEASE-p3)\n 2005-06-29 21:42:33 UTC (RELENG_5_3, 5.3-RELEASE-p17)\n 2005-06-29 21:43:42 UTC (RELENG_4, 4.11-STABLE)\n 2005-06-29 21:45:14 UTC (RELENG_4_11, 4.11-RELEASE-p11)\n 2005-06-29 21:46:15 UTC (RELENG_4_10, 4.10-RELEASE-p16)\nCVE Name: CAN-2005-0356, CAN-2005-2068\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit\n\u003cURL:http://www.freebsd.org/security/\u003e. \n\nI. Background\n\nThe Transmission Control Protocol (TCP) of the TCP/IP protocol suite\nprovides a connection-oriented, reliable, sequence-preserving data\nstream service. TCP\npackets with the SYN flag set are used during setup of new TCP\nconnections. \n\nII. Problem Description\n\nTwo problems have been discovered in the FreeBSD TCP stack. \n\nFirst, when a TCP packets containing a timestamp is received, inadequate\nchecking of sequence numbers is performed, allowing an attacker to\nartificially increase the internal \"recent\" timestamp for a connection. \n\nSecond, a TCP packet with the SYN flag set is accepted for established\nconnections, allowing an attacker to overwrite certain TCP options. \n\nIII. Impact\n\nUsing either of the two problems an attacker with knowledge of the\nlocal and remote IP and port numbers associated with a connection\ncan cause a denial of service situation by stalling the TCP connection. \nThe stalled TCP connection my be closed after some time by the other\nhost. \n\nIV. Workaround\n\nIn some cases it may be possible to defend against these attacks by\nblocking the attack packets using a firewall. Packets used to effect\neither of these attacks would have spoofed source IP addresses. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the\nRELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch\ndated after the correction date. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 4.10,\n4.11, 5.3, and 5.4 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 4.x]\n# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp4.patch\n# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp4.patch.asc\n\n[FreeBSD 5.x]\n# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp.patch\n# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:15/tcp.patch.asc\n\nb) Apply the patch. \n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:http://www.freebsd.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch Revision\n Path\n- -------------------------------------------------------------------------\nRELENG_4\n src/sys/netinet/tcp_input.c 1.107.2.44\nRELENG_4_11\n src/UPDATING 1.73.2.91.2.12\n src/sys/conf/newvers.sh 1.44.2.39.2.15\n src/sys/netinet/tcp_input.c 1.107.2.41.4.3\nRELENG_4_10\n src/UPDATING 1.73.2.90.2.17\n src/sys/conf/newvers.sh 1.44.2.34.2.18\n src/sys/netinet/tcp_input.c 1.107.2.41.2.1\nRELENG_5\n src/sys/netinet/tcp_input.c 1.252.2.16\nRELENG_5_4\n src/UPDATING 1.342.2.24.2.12\n src/sys/conf/newvers.sh 1.62.2.18.2.8\n src/sys/netinet/tcp_input.c 1.252.2.14.2.1\nRELENG_5_3\n src/UPDATING 1.342.2.13.2.20\n src/sys/conf/newvers.sh 1.62.2.15.2.22\n src/sys/netinet/tcp_input.c 1.252.4.1\n- -------------------------------------------------------------------------\n\nVII. References\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0356\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2068\nhttp://www.kb.cert.org/vuls/id/637934\n\nThe latest revision of this advisory is available at\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.1 (FreeBSD)\n\niD8DBQFCwxe7FdaIBMps37IRAi39AJ9ss6PVEwloS4SlKEWi5S1hpHnzmACeJF7H\nrKmK2NtleJ98dTLWW4QLMn4=\n=6fBH\n-----END PGP SIGNATURE-----\n. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products TCP Timestamp Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15393\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15393/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco SN5400 Series Storage Routers\nhttp://secunia.com/product/2188/\nCisco MGX 8900 Series Multiservice Switches\nhttp://secunia.com/product/5117/\nCisco MGX 8800 Series Multiservice Switches\nhttp://secunia.com/product/5116/\nCisco MGX 8200 Series Edge Concentrators\nhttp://secunia.com/product/5115/\nCisco Content Services Switch 11000 Series (WebNS)\nhttp://secunia.com/product/1507/\nCisco Aironet 350 Series Access Point\nhttp://secunia.com/product/5114/\nCisco Aironet 1200 Series Access Point\nhttp://secunia.com/product/1929/\n\nDESCRIPTION:\nA vulnerability has been reported in some Cisco products, which can\nbe exploited by malicious people to cause a DoS (Denial of Service)\non active TCP sessions. \n\nThe vulnerability is caused due to an error in the implementation of\nthe TCP Timestamp option and can be exploited via specially crafted\npackets to cause a targeted TCP session to stall until it\u0027s reset. \n\nSuccessful exploitation requires knowledge of IP address information\nof the source and destination of the TCP network connection. \n\nThe vulnerability affects the following products:\n* SN5400 series storage routers\n* CSS11000 series content services switches\n* AP350 and AP1200 series Access Points running VxWorks\n* MGX8200, MGX8800, and MGX8900 series WAN switches (only management\ninterfaces)\n\nSOLUTION:\nSN5400 series storage routers:\nThe vulnerability has been addressed by CSCin85370. \n\nCSS11000 series content services switches:\nThe vulnerability has been addressed by CSCeh40395. \n\nAP350 and AP1200 series Access Points:\nThe vendor recommends upgrading APs running VxWorks to Cisco IOS. \n\nMGX series WAN switches:\nThe vulnerability has been documented by CSCeh85125 and CSCeh85130. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits Noritoshi Demizu. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml\n\nOTHER REFERENCES:\nUS-CERT VU#637934:\nhttp://www.kb.cert.org/vuls/id/637934\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor more information:\nSA14904\n\nSOLUTION:\nApply updated packages. \n\nFor more information:\nSA15393\n\nThe vulnerability affects all versions of CacheOS and SGOS. \n\nSOLUTION:\nThe vendor recommends disabling RFC1323 support until a patch is\navailable",
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "PACKETSTORM",
"id": "38381"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "39827"
},
{
"db": "PACKETSTORM",
"id": "38326"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#637934",
"trust": 1.4
},
{
"db": "BID",
"id": "13676",
"trust": 1.1
},
{
"db": "NVD",
"id": "CAN-2005-0356",
"trust": 0.5
},
{
"db": "SECUNIA",
"id": "15417",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "15393",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "15851",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "38381",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37673",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37672",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "16701",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39827",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38326",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "PACKETSTORM",
"id": "38381"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "39827"
},
{
"db": "PACKETSTORM",
"id": "38326"
}
]
},
"id": "VAR-200505-1328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-06T15:25:21.418000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://www.ietf.org/rfc/rfc1323.txt"
},
{
"trust": 1.1,
"url": "http://www.ietf.org/rfc/rfc793.txt"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13676"
},
{
"trust": 0.5,
"url": "http://www.kb.cert.org/vuls/id/637934"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
},
{
"trust": 0.4,
"url": "http://openbsd.org/errata36.html#tcp"
},
{
"trust": 0.4,
"url": "http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2005-0356.html"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-148.pdf"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-032.htm"
},
{
"trust": 0.3,
"url": "http://www.alaxala.com/jp/support/icmp-20050518.html"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/899480.mspx"
},
{
"trust": 0.3,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/tcpip/vu637934.html"
},
{
"trust": 0.3,
"url": "http://tech.f5.com/home/bigip-next/solutions/advisories/sol4743.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/15393/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-2068"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0356"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/security/\u003e."
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/kernelconfig.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15417/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/100/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/jgei-6abpp2"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1507/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5117/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5115/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5114/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5116/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2188/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1929/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14904/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/16701/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/136/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2133/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15851/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2132/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2214/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "PACKETSTORM",
"id": "38381"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "39827"
},
{
"db": "PACKETSTORM",
"id": "38326"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#637934"
},
{
"db": "BID",
"id": "13676"
},
{
"db": "PACKETSTORM",
"id": "38381"
},
{
"db": "PACKETSTORM",
"id": "37673"
},
{
"db": "PACKETSTORM",
"id": "37672"
},
{
"db": "PACKETSTORM",
"id": "39827"
},
{
"db": "PACKETSTORM",
"id": "38326"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-18T00:00:00",
"db": "CERT/CC",
"id": "VU#637934"
},
{
"date": "2005-05-18T00:00:00",
"db": "BID",
"id": "13676"
},
{
"date": "2005-07-01T06:40:37",
"db": "PACKETSTORM",
"id": "38381"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37673"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37672"
},
{
"date": "2005-09-07T04:42:13",
"db": "PACKETSTORM",
"id": "39827"
},
{
"date": "2005-07-01T04:46:03",
"db": "PACKETSTORM",
"id": "38326"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#637934"
},
{
"date": "2006-05-17T23:29:00",
"db": "BID",
"id": "13676"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "13676"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TCP does not adequately validate segments before updating timestamp value",
"sources": [
{
"db": "CERT/CC",
"id": "VU#637934"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13676"
}
],
"trust": 0.3
}
}
var-200703-0606
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. Multiple Cisco products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue by enticing a victim into following a maliciously crafted URI. Attackers may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco IDs: CSCsh91761, CSCsh52300, CSCsh91884, CSCsi12435, CSCsh91901, CSCsi10405, CSCsh91953, CSCsh93070, CSCsh93854, CSCek71039, CSCsh95009, CSCsi10818, CSCsi10674, CSCsi10982, CSCsi13743, CSCsi13763. A remote attacker can inject arbitrary web script or HTML with the help of a text field in search format.
Input passed to the search code of PreSearch.html or PreSearch.class (depending on software or device) is not properly sanitised before being returned to the user.
SOLUTION: If possible, the vendor recommends deleting or renaming the PreSearch.html and PreSearch.class files.
PROVIDED AND/OR DISCOVERED BY: Independently discovered by Erwin Paternotte from Fox-IT and Cassio Goldschmidt.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sr-20070315-xss.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0606",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wan manager",
"scope": null,
"trust": 1.7,
"vendor": "cisco",
"version": null
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0.2c"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0.2a"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.8.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "call manager",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "network analysis module",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "meetingplace",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "security device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified video advantage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified videoconferencing",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip communicator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified videoconferencing manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.2b"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wan manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wireless lan controllers",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.1"
},
{
"model": "acs solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified meetingplace express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "ciscoworks",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified personal communicator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "wireless lan solution engine",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ip communicator",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server solution engine",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified meetingplace",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "vpn client",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wireless control system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "security device manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified meetingplace express",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified personal communicator",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified video advantage",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified videoconferencing",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "35xx product"
},
{
"model": "unified videoconferencing manager",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan controllers",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "2006"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "wireless lan controllers",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.8.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.8"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7.0533"
},
{
"model": "vpn client for windows c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "vpn client for windows a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "vpn client for windows b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for windows c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.5"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "vpn client for solaris c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "vpn client for solaris a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6.1"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "vpn client for solaris b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for mac os c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.2"
},
{
"model": "vpn client for mac os a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.6.1"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.6"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.5.4"
},
{
"model": "vpn client for mac os b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.5.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.5.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x3.5.1"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6.1"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "vpn client for linux b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7.2"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7"
},
{
"model": "vpn concentrator m",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.1.7"
},
{
"model": "vpn concentrator .b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.1.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.1.x"
},
{
"model": "vpn concentrator .b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.x"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0"
},
{
"model": "vpn concentrator d",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.3"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "vpn concentrator 4.1.7.b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "vpn concentrator 4.1.7.a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified videoconferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified video advantage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified personal communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified meetingplace express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security device manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "secure acs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks vpn/security management solution",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks monitoring center for security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "ciscoworks monitoring center for security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ciscoworks monitoring center for security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ciscoworks monitoring center for security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks management center for ids sensors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "ciscoworks management center for ids sensors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ciscoworks management center for ids sensors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "ciscoworks management center for ids sensors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ciscoworks management center for ids sensors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks lms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks cd1 5th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks cd1 4th edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks cd1 3rd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks cd1 2nd edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks cd1 1st edition",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"model": "ciscoworks access control list manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20060"
}
],
"sources": [
{
"db": "BID",
"id": "22982"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:call_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:ip_communicator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:acs_solution_engine",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_meetingplace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:vpn_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:wan_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:wireless_control_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:ciscoworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:wireless_lan_solution_engine",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:meetingplace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:network_analysis_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:security_device_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_meetingplace_express",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_personal_communicator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_video_advantage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_videoconferencing",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_videoconferencing_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:wireless_lan_controllers",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Erwin Paternotte from Fox-IT and Cassio Goldschmidt are credited with the discovery of this issue.",
"sources": [
{
"db": "BID",
"id": "22982"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
}
],
"trust": 0.9
},
"cve": "CVE-2007-1467",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2007-1467",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-24829",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1467",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2007-1467",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-426",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-24829",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24829"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. Multiple Cisco products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. \nAn attacker may leverage this issue by enticing a victim into following a maliciously crafted URI. \nAttackers may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue is being tracked by Cisco IDs: CSCsh91761, CSCsh52300, CSCsh91884, CSCsi12435, CSCsh91901, CSCsi10405, CSCsh91953, CSCsh93070, CSCsh93854, CSCek71039, CSCsh95009, CSCsi10818, CSCsi10674, CSCsi10982, CSCsi13743, CSCsi13763. A remote attacker can inject arbitrary web script or HTML with the help of a text field in search format. \n\nInput passed to the search code of PreSearch.html or PreSearch.class\n(depending on software or device) is not properly sanitised before\nbeing returned to the user. \n\nSOLUTION:\nIf possible, the vendor recommends deleting or renaming the\nPreSearch.html and PreSearch.class files. \n\nPROVIDED AND/OR DISCOVERED BY:\nIndependently discovered by Erwin Paternotte from Fox-IT and Cassio\nGoldschmidt. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sr-20070315-xss.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1467"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "BID",
"id": "22982"
},
{
"db": "VULHUB",
"id": "VHN-24829"
},
{
"db": "PACKETSTORM",
"id": "55116"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1467",
"trust": 2.8
},
{
"db": "BID",
"id": "22982",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24499",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1017778",
"trust": 1.7
},
{
"db": "SREASON",
"id": "2437",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0973",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070315 XSS VULNERABILITY IN THE ONLINE HELP SYSTEM OF SEVERAL CISCO PRODUCTS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070315 RE: XSS VULNERABILITY IN THE ONLINE HELP SYSTEM OF SEVERAL CISCO PRODUCTS",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20070315 CROSS-SITE SCRIPTING VULNERABILITY IN ONLINE HELP SYSTEM",
"trust": 0.6
},
{
"db": "XF",
"id": "33024",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-24829",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "55116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24829"
},
{
"db": "BID",
"id": "22982"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "PACKETSTORM",
"id": "55116"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"id": "VAR-200703-0606",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24829"
}
],
"trust": 0.70048882
},
"last_update_date": "2024-11-23T23:00:20.777000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Document ID: 607",
"trust": 0.8,
"url": "http://www.cisco.com/en/US/products/csr/cisco-sr-20070315-xss.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/22982"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a0080803fe4.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017778"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24499"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2437"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0973"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1467"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1467"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/462944/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/462932/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/33024"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0973"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070315-xss.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "/archive/1/462944"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13664/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10635/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6330/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13676/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5603/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13660/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11019/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11848/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5604/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2272/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6025/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13663/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13675/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13661/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2267/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13665/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13672/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/123/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5363/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13658/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13666/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11850/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2805/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24499/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13667/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13673/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13668/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/259/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12534/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11849/"
},
{
"trust": 0.1,
"url": "http://secunia.com/disassembling_og_reversing/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12535/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13671/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2266/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13662/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6035/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13674/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24829"
},
{
"db": "BID",
"id": "22982"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "PACKETSTORM",
"id": "55116"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-24829"
},
{
"db": "BID",
"id": "22982"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"db": "PACKETSTORM",
"id": "55116"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-24829"
},
{
"date": "2007-03-15T00:00:00",
"db": "BID",
"id": "22982"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"date": "2007-03-17T02:22:27",
"db": "PACKETSTORM",
"id": "55116"
},
{
"date": "2007-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"date": "2007-03-16T21:19:00",
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-24829"
},
{
"date": "2015-05-12T19:33:00",
"db": "BID",
"id": "22982"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001703"
},
{
"date": "2007-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-426"
},
{
"date": "2024-11-21T00:28:22.977000",
"db": "NVD",
"id": "CVE-2007-1467"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product PreSearch.html Cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001703"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "55116"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-426"
}
],
"trust": 0.7
}
}
var-200712-0411
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CiscoWorks is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. CiscoWorks 2.6 is vulnerable; other versions may also be affected.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: CiscoWorks Common Services Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA27902
VERIFY ADVISORY: http://secunia.com/advisories/27902/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
SOFTWARE: CiscoWorks Common Services Software 3.x http://secunia.com/product/6330/
DESCRIPTION: Dave Lewis has reported a vulnerability in CiscoWorks Common Services, which can be exploited by malicious people to conduct cross-site scripting attacks.
Unspecified input passed to the CiscoWorks Server login page is not properly sanitised before being returned to the user.
The vulnerability is reported in CiscoWorks Common Services 3.0.x and 3.1 for both Solaris and Windows systems.
SOLUTION: Apply vendor patch (registered customers). http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one
PROVIDED AND/OR DISCOVERED BY: Dave Lewis
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml
Liquidmatrix: http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0411",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ciscoworks server",
"scope": "lte",
"trust": 1.8,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ciscoworks",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
}
],
"sources": [
{
"db": "BID",
"id": "26708"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:ciscoworks_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dave Lewis is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "26708"
}
],
"trust": 0.3
},
"cve": "CVE-2007-5582",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-5582",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-28944",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5582",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-5582",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-411",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28944",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CiscoWorks is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nCiscoWorks 2.6 is vulnerable; other versions may also be affected. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nCiscoWorks Common Services Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA27902\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27902/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nCiscoWorks Common Services Software 3.x\nhttp://secunia.com/product/6330/\n\nDESCRIPTION:\nDave Lewis has reported a vulnerability in CiscoWorks Common\nServices, which can be exploited by malicious people to conduct\ncross-site scripting attacks. \n\nUnspecified input passed to the CiscoWorks Server login page is not\nproperly sanitised before being returned to the user. \n\nThe vulnerability is reported in CiscoWorks Common Services 3.0.x and\n3.1 for both Solaris and Windows systems. \n\nSOLUTION:\nApply vendor patch (registered customers). \nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one\n\nPROVIDED AND/OR DISCOVERED BY:\nDave Lewis\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml\n\nLiquidmatrix:\nhttp://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5582"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "BID",
"id": "26708"
},
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "PACKETSTORM",
"id": "61551"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5582",
"trust": 2.8
},
{
"db": "BID",
"id": "26708",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "27902",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-4102",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019043",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3449",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20071205 ADVISORY: CROSS SITE SCRIPTING IN CISCOWORKS",
"trust": 0.6
},
{
"db": "XF",
"id": "38862",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20071205 CISCOWORKS SERVER XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-28944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61551",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "BID",
"id": "26708"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "PACKETSTORM",
"id": "61551"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"id": "VAR-200712-0411",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28944"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:28:11.116000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Document ID: 605",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20071205-cw"
},
{
"title": "Cisco CiscoWorks Server Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=175103"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml"
},
{
"trust": 1.8,
"url": "http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/26708"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019043"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27902"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3449"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4102"
},
{
"trust": 1.6,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026bugid=cscsk69289"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/484609/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38862"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5582"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5582"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/484609/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/38862"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
},
{
"trust": 0.3,
"url": "/archive/1/484609"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026amp;bugid=cscsk69289"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6330/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27902/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "BID",
"id": "26708"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "PACKETSTORM",
"id": "61551"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28944"
},
{
"db": "BID",
"id": "26708"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"db": "PACKETSTORM",
"id": "61551"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28944"
},
{
"date": "2007-12-05T00:00:00",
"db": "BID",
"id": "26708"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"date": "2007-12-07T16:22:07",
"db": "PACKETSTORM",
"id": "61551"
},
{
"date": "2007-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"date": "2007-12-15T01:46:00",
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28944"
},
{
"date": "2007-12-06T00:22:00",
"db": "BID",
"id": "26708"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002809"
},
{
"date": "2021-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-411"
},
{
"date": "2024-11-21T00:38:14.973000",
"db": "NVD",
"id": "CVE-2007-5582"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco CiscoWorks Server (CS) Login page cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002809"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "61551"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-411"
}
],
"trust": 0.7
}
}
cve-2007-1467
Vulnerability from cvelistv5
Published
2007-03-16 21:00
Modified
2024-08-07 12:59
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/462932/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html | vendor-advisory, x_refsource_CISCO | |
| http://securityreason.com/securityalert/2437 | third-party-advisory, x_refsource_SREASON | |
| http://secunia.com/advisories/24499 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33024 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1017778 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/462944/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/22982 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/0973 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070315 XSS vulnerability in the online help system of several Cisco products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"name": "20070315 Cross-Site Scripting Vulnerability in Online Help System",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
},
{
"name": "2437",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2437"
},
{
"name": "24499",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24499"
},
{
"name": "cisco-presearch-xss(33024)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
},
{
"name": "1017778",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017778"
},
{
"name": "20070315 Re: XSS vulnerability in the online help system of several Cisco products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"name": "22982",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22982"
},
{
"name": "ADV-2007-0973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0973"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070315 XSS vulnerability in the online help system of several Cisco products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"name": "20070315 Cross-Site Scripting Vulnerability in Online Help System",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
},
{
"name": "2437",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2437"
},
{
"name": "24499",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24499"
},
{
"name": "cisco-presearch-xss(33024)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
},
{
"name": "1017778",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017778"
},
{
"name": "20070315 Re: XSS vulnerability in the online help system of several Cisco products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"name": "22982",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22982"
},
{
"name": "ADV-2007-0973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0973"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070315 XSS vulnerability in the online help system of several Cisco products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"name": "20070315 Cross-Site Scripting Vulnerability in Online Help System",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
},
{
"name": "2437",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2437"
},
{
"name": "24499",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24499"
},
{
"name": "cisco-presearch-xss(33024)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
},
{
"name": "1017778",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017778"
},
{
"name": "20070315 Re: XSS vulnerability in the online help system of several Cisco products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"name": "22982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22982"
},
{
"name": "ADV-2007-0973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0973"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1467",
"datePublished": "2007-03-16T21:00:00",
"dateReserved": "2007-03-16T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-03-16 21:19
Modified
2024-11-21 00:28
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:acs_solution_engine:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2053FEE9-7DE5-4C5E-B2C1-5652301DBFFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:acs_solution_engine:4.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "3436B987-134F-47FD-94A9-B22E1D6E1F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A687E771-9653-4FB6-888C-C6D7874E8F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2590B4-F61E-4ED9-B4B2-45227CDF8E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:meetingplace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41EEA208-7F2E-4E01-8C8C-29009161E6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_device_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42E7C476-E8CE-4CD4-9ED2-926B4BA6EDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713CDBB9-F841-455A-B173-7B239DF087D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8932A12B-BDAD-4078-92C3-720CE4E204CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_personal_communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC0A911-917D-426B-84D3-05BEAEE9C81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_video_advantage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1BDD7B4-CD06-44D9-855B-30FFE673014E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_videoconferencing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B50D62D1-83D3-4347-A979-503294EC4B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_videoconferencing_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19065178-BD77-4ED5-AE31-9904E348B2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "2BD00D0A-EB6E-41AA-851D-9DD258E23BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "88EB557F-33CD-40FE-B470-04F93CB2F3E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2EEB23E-4592-49A1-BDC6-110580340AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "D548CEFE-1970-42D3-9039-196A3B5F5D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "2D4BDB9B-99D8-42B7-8D57-2B57029220F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:linux:*:*:*:*:*",
"matchCriteriaId": "B2F5C5E1-59A5-4402-BF6A-DDD05F8F07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "269EE54C-B6C7-4F3E-B4ED-12CF9F277569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "12A573DB-1D58-4A78-85C6-B2A3B09F34B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:linux:*:*:*:*:*",
"matchCriteriaId": "DEB505B7-54A0-4A53-81FC-9E6635A50BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "1728BA7D-0124-4E7B-9D0A-549DB87F3732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DD1D17D3-F56E-47FC-90F9-54AC4446CB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "9A9F7CE9-771E-4F0C-B4DD-B9517F70BBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "0C7B2037-406B-4A18-9B5D-D3F206C58AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "08A9E927-1092-4F6A-A099-DB80EA060F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "872A3F31-1008-416A-9881-803E7DF11B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "50FB297D-5289-46D1-82C2-E83C3020895C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "D88E0D0C-03EF-4528-93C9-97B39342CA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2a:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "4C111372-50F2-4F3E-8DFE-1EB5509B489C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2a:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B19317CB-C159-4BEF-B8F8-A919E8DF6783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2c:*:mac_os_x:*:*:*:*:*",
"matchCriteriaId": "B7C7C00F-72E3-41E1-A763-0209AF639053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B205CD80-4469-4DA9-B0E1-73C2B83E33D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_client:4.8.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "8FD6C3C5-A7D3-4208-A23C-BA7D5626FB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFD455A-7E41-4C95-A1E9-1A4867DA4F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_controllers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C88AB3CC-4F0E-4A82-B4F0-13EDA4948BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDEE04C-0231-42F7-9736-EB3B7A020E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD82BCCE-F68A-48A5-B484-98D9C3024E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:wireless_control_system:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF3680D-50CB-4854-84B8-34129DDB2A2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1) PreSearch.html y (2) PreSearch.class en Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks y productos relacionados, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), y Wireless Control System (WCS) permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de campos de texto de un formulario de b\u00fasqueda."
}
],
"id": "CVE-2007-1467",
"lastModified": "2024-11-21T00:28:22.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-03-16T21:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24499"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2437"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22982"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017778"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0973"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}