cvelistv5 - cve-2002-2140

cve-2002-2140

Vulnerability from cvelistv5

Published

2005-11-16 21:17

Modified

2024-09-17 04:25

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.ciac.org/ciac/bulletins/n-017.shtml	Patch
cve@mitre.org	http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml	Patch
cve@mitre.org	http://www.iss.net/security_center/static/10661.php	Patch
cve@mitre.org	http://www.securityfocus.com/bid/6212	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/n-017.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/10661.php	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/6212	Patch

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.681Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20021120 Cisco PIX Multiple Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
          },
          {
            "name": "6212",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6212"
          },
          {
            "name": "N-017",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
          },
          {
            "name": "cisco-pix-http-dos(10661)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/10661.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-16T21:17:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20021120 Cisco PIX Multiple Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
        },
        {
          "name": "6212",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6212"
        },
        {
          "name": "N-017",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
        },
        {
          "name": "cisco-pix-http-dos(10661)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/10661.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20021120 Cisco PIX Multiple Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
            },
            {
              "name": "6212",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6212"
            },
            {
              "name": "N-017",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
            },
            {
              "name": "cisco-pix-http-dos(10661)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/10661.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2140",
    "datePublished": "2005-11-16T21:17:00Z",
    "dateReserved": "2005-11-16T00:00:00Z",
    "dateUpdated": "2024-09-17T04:25:01.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-2140\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-12-31T05:00:00.000\",\"lastModified\":\"2024-11-20T23:42:58.167\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"999A0969-60EB-4B2E-A274-9F05D9F840E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"626E41D2-A5EF-493D-9486-3D9BC3793EAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBA31E4D-2215-4E4A-BCCC-B3D922CB752D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEAA3A85-516A-4C9B-8D29-C75C3408FE3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B976A50F-73BD-44A3-8D73-E15C56BC0C75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(6\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25D16481-CA9A-4B4D-AC9D-3A4F0387FF19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(7\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56E4588E-6C1F-4720-8082-0EF299435CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:5.2\\\\(8\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16939A29-C851-4EAD-A2FF-B13F5FE340FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58BE9C02-2A01-4F6F-A6BD-BC0173561E9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C558CED8-8342-46CB-9F52-580B626D320E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F85D19E-6C26-429D-B876-F34238B9DAAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.0\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F98CD7-A352-483C-9968-8FB2627A7CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F97FE485-705F-4707-B6C6-0EF9E8A85D5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2B925E8-D2C2-4E8C-AC21-0C422245C482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.1\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9170562-872E-4C32-869C-B10FF35A925E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:pix_firewall_software:6.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5226C9CC-6933-4F10-B426-B47782C606FD\"}]}]}],\"references\":[{\"url\":\"http://www.ciac.org/ciac/bulletins/n-017.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.iss.net/security_center/static/10661.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/6212\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/n-017.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.iss.net/security_center/static/10661.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/6212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

fkie_cve-2002-2140

Vulnerability from fkie_nvd

Published

2002-12-31 05:00

Modified

2024-11-20 23:42

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.ciac.org/ciac/bulletins/n-017.shtml	Patch
cve@mitre.org	http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml	Patch
cve@mitre.org	http://www.iss.net/security_center/static/10661.php	Patch
cve@mitre.org	http://www.securityfocus.com/bid/6212	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/n-017.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/10661.php	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/6212	Patch

Impacted products

Vendor	Product	Version
cisco	pix_firewall_software	5.2
cisco	pix_firewall_software	5.2\(1\)
cisco	pix_firewall_software	5.2\(2\)
cisco	pix_firewall_software	5.2\(3\)
cisco	pix_firewall_software	5.2\(4\)
cisco	pix_firewall_software	5.2\(5\)
cisco	pix_firewall_software	5.2\(6\)
cisco	pix_firewall_software	5.2\(7\)
cisco	pix_firewall_software	5.2\(8\)
cisco	pix_firewall_software	6.0
cisco	pix_firewall_software	6.0\(1\)
cisco	pix_firewall_software	6.0\(2\)
cisco	pix_firewall_software	6.0\(3\)
cisco	pix_firewall_software	6.1
cisco	pix_firewall_software	6.1\(1\)
cisco	pix_firewall_software	6.1\(2\)
cisco	pix_firewall_software	6.1\(3\)
cisco	pix_firewall_software	6.2
cisco	pix_firewall_software	6.2\(1\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "999A0969-60EB-4B2E-A274-9F05D9F840E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FEAA3A85-516A-4C9B-8D29-C75C3408FE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B976A50F-73BD-44A3-8D73-E15C56BC0C75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "16939A29-C851-4EAD-A2FF-B13F5FE340FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS."
    }
  ],
  "id": "CVE-2002-2140",
  "lastModified": "2024-11-20T23:42:58.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.iss.net/security_center/static/10661.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/6212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.iss.net/security_center/static/10661.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/6212"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2002-2140

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2002-2140

Aliases

CVE-2002-2140

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-2140",
    "description": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.",
    "id": "GSD-2002-2140"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-2140"
      ],
      "details": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.",
      "id": "GSD-2002-2140",
      "modified": "2023-12-13T01:24:08.656612Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-2140",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20021120 Cisco PIX Multiple Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
          },
          {
            "name": "6212",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/6212"
          },
          {
            "name": "N-017",
            "refsource": "CIAC",
            "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
          },
          {
            "name": "cisco-pix-http-dos(10661)",
            "refsource": "XF",
            "url": "http://www.iss.net/security_center/static/10661.php"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(4\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(8\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2140"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20021120 Cisco PIX Multiple Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
            },
            {
              "name": "N-017",
              "refsource": "CIAC",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
            },
            {
              "name": "6212",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/6212"
            },
            {
              "name": "cisco-pix-http-dos(10661)",
              "refsource": "XF",
              "tags": [
                "Patch"
              ],
              "url": "http://www.iss.net/security_center/static/10661.php"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:26Z",
      "publishedDate": "2002-12-31T05:00Z"
    }
  }
}

Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS. Cisco has reported a vulnerability in its PIX Firewall devices. A buffer overrun condition exists in the HTTP RADIUS/TACACS+ proxy component. The condition occurs when the PIX device processes a specially malformed request. Further technical details are not known at this time. Exploitation of this vulnerability may lead to code executed on target devices. It may also be possible to cause a denial of service, resulting in a network outage until the device is reset. Cisco PIX firewall provides enterprise-level security services, including state inspection firewall, IPSEC, VPN, intrusion detection and other functions. The HTTP RADIUS/TACACS+ proxy component of the Cisco PIX firewall does not correctly process user malformed requests. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and cause the device to restart. Users who initiate a connection via FTP, TELNET, or HTTP will be prompted to enter their username and password. If the username and password are verified by the specified TACACS+ or RADIUS authentication server, the PIX firewall will allow the \"cut-through proxy\" function of the firewall More communication takes place between the authentication server and the connection side. CISCO designated this vulnerability BUG ID as: CSCdx35823

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0089",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "6.2"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(6\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.0\\(2\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.0\\(1\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.1\\(3\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(4\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.1\\(2\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.0\\(3\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(1\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(5\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2\\(1\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(8\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(2\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.1\\(1\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(7\\)"
      },
      {
        "model": "pix firewall software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.2\\(3\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(7\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(3\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(8\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(6\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(1\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(2\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(5\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.2\\(4\\)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2.1"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.2(1)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1.3"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.1(2)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0.3"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0(2)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "6.0(1)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(7)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(6)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(5)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(3.210)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2(2)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.4"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1(4.206)"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:cisco:pix_firewall",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco PSIRT\u203b psirt@cisco.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-2140",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2002-2140",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-6523",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-2140",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2002-2140",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200212-684",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-6523",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS. Cisco has reported a vulnerability in its PIX Firewall devices.  A buffer overrun condition exists in the HTTP RADIUS/TACACS+ proxy component.  The condition occurs when the PIX device processes a specially malformed request.  Further technical details are not known at this time.  Exploitation of this vulnerability may lead to code executed on target devices.  It may also be possible to cause a denial of service, resulting in a network outage until the device is reset. Cisco PIX firewall provides enterprise-level security services, including state inspection firewall, IPSEC, VPN, intrusion detection and other functions. The HTTP RADIUS/TACACS+ proxy component of the Cisco PIX firewall does not correctly process user malformed requests. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and cause the device to restart. Users who initiate a connection via FTP, TELNET, or HTTP will be prompted to enter their username and password. If the username and password are verified by the specified TACACS+ or RADIUS authentication server, the PIX firewall will allow the \\\"cut-through proxy\\\" function of the firewall More communication takes place between the authentication server and the connection side. CISCO designated this vulnerability BUG ID as: CSCdx35823",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2002-2140",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "6212",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684",
        "trust": 0.7
      },
      {
        "db": "CIAC",
        "id": "N-017",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20021120 CISCO PIX MULTIPLE VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "3871",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "10661",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-6523",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "id": "VAR-200212-0089",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-22T22:57:15.092000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "pix-multiple-vuln-pub",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
      },
      {
        "title": "pix-multiple-vuln-pub",
        "trust": 0.8,
        "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/pix-multiple-vuln-pub-j.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
      },
      {
        "trust": 2.7,
        "url": "http://www.securityfocus.com/bid/6212"
      },
      {
        "trust": 2.7,
        "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
      },
      {
        "trust": 2.7,
        "url": "http://www.iss.net/security_center/static/10661.php"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-2140"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-2140"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/3871"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "date": "2002-11-20T00:00:00",
        "db": "BID",
        "id": "6212"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "date": "2002-11-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "date": "2002-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-6523"
      },
      {
        "date": "2002-11-20T00:00:00",
        "db": "BID",
        "id": "6212"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      },
      {
        "date": "2006-01-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      },
      {
        "date": "2024-11-20T23:42:58.167000",
        "db": "NVD",
        "id": "CVE-2002-2140"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco PIX Firewall In  HTTP Authentication buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2002-000285"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Boundary Condition Error",
    "sources": [
      {
        "db": "BID",
        "id": "6212"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-684"
      }
    ],
    "trust": 0.9
  }
}

ghsa-xg23-cgcw-5j65

Vulnerability from github

Published

2022-04-30 18:22

Modified

2022-04-30 18:22

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-2140"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.",
  "id": "GHSA-xg23-cgcw-5j65",
  "modified": "2022-04-30T18:22:35Z",
  "published": "2022-04-30T18:22:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2140"
    },
    {
      "type": "WEB",
      "url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/10661.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/6212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2002-2140

Vulnerability from cvelistv5

fkie_cve-2002-2140

Vulnerability from fkie_nvd

gsd-2002-2140

Vulnerability from gsd

var-200212-0089

Vulnerability from variot

ghsa-xg23-cgcw-5j65

Vulnerability from github

Tags

Sightings

Nomenclature