var-200512-0744
Vulnerability from variot
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. plural Cisco Product implements IP ACL In function, the device ACL When downloading ACL Name RAS/NAS Username and password for authentication by ( Same as user name ) As we use as ACL If the name is known, ACL There is a vulnerability that makes it possible to pass authentication illegally using a name.There is a possibility of unauthorized access to the network. Cisco PIX and VPN 3000 concentrators, when managed by Cisco Secure Access Control Servers are vulnerable to an information disclosure vulnerability. This issue is due to a design flaw that communicates sensitive information over an unencrypted communications channel. This issue allows remote attackers with the ability to gain access to sensitive information if they can sniff network packets traveling between affected devices and the RADIUS server. This information potentially aids them in further attacks. Specific Cisco versions and products affected by this issue are not currently known. The list of affected packages will be updated as further information is disclosed. Cisco PIX is a very popular network firewall, while CS ACS is a network device that provides authentication, authorization, and account services. Cisco PIX has a loophole in network management communication, and attackers may use this loophole to gain unauthorized access to the device. At the same time, CS ACS will also create an internal hidden user named #ACSACL#-IP-uacl-43a97a9d with the password #ACSACL#-IP-uacl-43a97a9d (!). The CS ACS GUI cannot see the user. The protocol used by the PIX downloads the ACL steps as follows: 0) The user accesses the Internet through the PIX with HTTP(s); the PIX requests the user name and password, and then the user enters the user name and password in the dialog box. 1) PIX sends a Radius access request to CS ACS to authenticate the user (user password is encrypted by Radius). 2) The Radius server authenticates the user and sends back the cisco-av-pair vendor-specific attribute (VSA) with the ACS: CiscoSecure-Defined-ACL=#ACSACL#-IP-uacl-43a97a9d value. 3) PIX sends Radius access request again to authenticate user#ACSACL#-IP-uacl-43a97a9d 4) Radius server authenticates user, sends back ACL body with another cisco-av-pair VSA attribute (ip:inacl#1=... ). This means that anyone can see the plaintext #ACSACL#-IP-uacl-43a97a9d user name sent from the CS ACS server to the PIX by the Radius protocol through the network, and the user's password is the same as the user name. If the network device is configured to use the same CS ACS server for login authentication, you can use the sniffed user name to log in to the network device.
The vulnerability is caused due to a design error in the Downloadable IP ACL (Access Control List) feature. This can be exploited by malicious people who knows the name of a Downloadable IP ACL configured on the ACS server to authenticate to the RAS/NAS (Remote Access Server/Network Access Server) by using the name of that ACL as their user name.
Successful exploitation requires that the attacker knows the name of the Downloadable IP ACL e.g. by sniffing network traffic between the RAS/NAS and the ACS server.
SOLUTION: The vulnerability has been fixed in the following versions. * Cisco Secure ACS Version 4.0.1 * PIX version 6.3(5) * PIX/ASA 7.0(2) * Cisco IOS Software Version 12.3(8)T4 * VPN 3000 versions 4.0.5.B and 4.1.5.B
Cisco FWSM: Refer to vendor's original advisory for workaround instructions.
PROVIDED AND/OR DISCOVERED BY: ovt
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0744",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3\\(2\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.7.1.f"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7.a"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7.f"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2\\(3.100\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2\\(3\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2\\(1\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(4\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1.5\\(104\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7.d"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(rel\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(7\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(1\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(4\\)"
},
{
"model": "vpn 3005 concentrator software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.5.b"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "pix firewall 515e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(2\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "vpn 3030 concentator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.7.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(6b\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.2.a"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "vpn 3080 concentrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "pix firewall 525",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(1\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3_\\(110\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3\\(1\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(1.20\\)"
},
{
"model": "vpn 3030 concentator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(4.206\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(2\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.2.c"
},
{
"model": "vpn 3060 concentrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7.b"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(5\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(1\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(6\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.3.a"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(4\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.5.b"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(5\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(8\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.7.b"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2\\(2\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5\\(rel\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(3.210\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0.1.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(9\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "vpn 3001 concentrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn 3020 concentrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3\\(1.200\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.7.a"
},
{
"model": "pix asa ids",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0\\(4\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.2.f"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(5\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.7.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7d"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.3"
},
{
"model": "pix firewall 535",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.3.b"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(3\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.2.b"
},
{
"model": "pix firewall 506",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2\\(3\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall 520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn 3030 concentator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.7.1.f"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0.4.3"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.5"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(6\\)"
},
{
"model": "pix firewall 501",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(4.101\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(3\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "pix firewall 515",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(7.202\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(5\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(1\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.7.c"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(3.102\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.3_\\(133\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3\\(3\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(1\\)"
},
{
"model": "vpn 3015 concentrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(4\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3\\(3.109\\)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3\\(1\\)"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.2.d"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.2_.111"
},
{
"model": "vpn 3002 hardware client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.4.3"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.1.4"
},
{
"model": "vpn 3060 concentrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn 3001 concentrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn 3020 concentrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn 3030 concentator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn 3080 concentrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.04"
},
{
"model": "vpn 3015 concentrator",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30804.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30804.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3080"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30604.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30604.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30603.5.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3060"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30304.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30304.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30304.0.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3030"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30204.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30204.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3020"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30154.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30154.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3015"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.0.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30054.0"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator d",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30053.6.3"
},
{
"model": "vpn hardware client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3002"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30010"
},
{
"model": "vpn concentrator f",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.7.1"
},
{
"model": "vpn concentrator .b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.1.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.1.x"
},
{
"model": "vpn concentrator .b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0.x"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30004.0"
},
{
"model": "vpn concentrator d",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.7"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.3"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "vpn concentrator 4.1.7.b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "vpn concentrator 4.1.7.a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(3)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1.20)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix/asa ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4.3"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.4"
},
{
"model": "pix os",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5350"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5256.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "525"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall 515e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5060"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5010"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.3(133)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(5)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.109)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3.102)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3(110)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.111"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3.100)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.5(104)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(5)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(4.101)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(9)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "16025"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:pix_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:pix_asa",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oleg Tipisov",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
}
],
"trust": 0.6
},
"cve": "CVE-2005-4499",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4499",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-15707",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4499",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2005-4499",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-542",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-15707",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15707"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. plural Cisco Product implements IP ACL In function, the device ACL When downloading ACL Name RAS/NAS Username and password for authentication by ( Same as user name ) As we use as ACL If the name is known, ACL There is a vulnerability that makes it possible to pass authentication illegally using a name.There is a possibility of unauthorized access to the network. Cisco PIX and VPN 3000 concentrators, when managed by Cisco Secure Access Control Servers are vulnerable to an information disclosure vulnerability. This issue is due to a design flaw that communicates sensitive information over an unencrypted communications channel. \nThis issue allows remote attackers with the ability to gain access to sensitive information if they can sniff network packets traveling between affected devices and the RADIUS server. This information potentially aids them in further attacks. \nSpecific Cisco versions and products affected by this issue are not currently known. The list of affected packages will be updated as further information is disclosed. Cisco PIX is a very popular network firewall, while CS ACS is a network device that provides authentication, authorization, and account services. Cisco PIX has a loophole in network management communication, and attackers may use this loophole to gain unauthorized access to the device. At the same time, CS ACS will also create an internal hidden user named #ACSACL#-IP-uacl-43a97a9d with the password #ACSACL#-IP-uacl-43a97a9d (!). The CS ACS GUI cannot see the user. The protocol used by the PIX downloads the ACL steps as follows: 0) The user accesses the Internet through the PIX with HTTP(s); the PIX requests the user name and password, and then the user enters the user name and password in the dialog box. 1) PIX sends a Radius access request to CS ACS to authenticate the user (user password is encrypted by Radius). 2) The Radius server authenticates the user and sends back the cisco-av-pair vendor-specific attribute (VSA) with the ACS: CiscoSecure-Defined-ACL=#ACSACL#-IP-uacl-43a97a9d value. 3) PIX sends Radius access request again to authenticate user#ACSACL#-IP-uacl-43a97a9d 4) Radius server authenticates user, sends back ACL body with another cisco-av-pair VSA attribute (ip:inacl#1=... ). This means that anyone can see the plaintext #ACSACL#-IP-uacl-43a97a9d user name sent from the CS ACS server to the PIX by the Radius protocol through the network, and the user\u0027s password is the same as the user name. If the network device is configured to use the same CS ACS server for login authentication, you can use the sniffed user name to log in to the network device. \n\nThe vulnerability is caused due to a design error in the Downloadable\nIP ACL (Access Control List) feature. This can be exploited by\nmalicious people who knows the name of a Downloadable IP ACL\nconfigured on the ACS server to authenticate to the RAS/NAS (Remote\nAccess Server/Network Access Server) by using the name of that ACL as\ntheir user name. \n\nSuccessful exploitation requires that the attacker knows the name of\nthe Downloadable IP ACL e.g. by sniffing network traffic between the\nRAS/NAS and the ACS server. \n\nSOLUTION:\nThe vulnerability has been fixed in the following versions. \n* Cisco Secure ACS Version 4.0.1\n* PIX version 6.3(5)\n* PIX/ASA 7.0(2)\n* Cisco IOS Software Version 12.3(8)T4\n* VPN 3000 versions 4.0.5.B and 4.1.5.B\n\nCisco FWSM:\nRefer to vendor\u0027s original advisory for workaround instructions. \n\nPROVIDED AND/OR DISCOVERED BY:\novt\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4499"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "BID",
"id": "16025"
},
{
"db": "VULHUB",
"id": "VHN-15707"
},
{
"db": "PACKETSTORM",
"id": "42760"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-4499",
"trust": 2.8
},
{
"db": "BID",
"id": "16025",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "18141",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "22193",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20051221 CISCO PIX / CS ACS: DOWNLOADABLE RADIUS ACLS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051222 RE: CISCO PIX / CS ACS: DOWNLOADABLE RADIUS ACLS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-15707",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42760",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15707"
},
{
"db": "BID",
"id": "16025"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "PACKETSTORM",
"id": "42760"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"id": "VAR-200512-0744",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-15707"
}
],
"trust": 0.34090908
},
"last_update_date": "2024-11-23T22:32:31.205000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "68484",
"trust": 0.8,
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/16025"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22193"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18141"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/18141/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-4499"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-4499"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/420020/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/420103/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/advisory.html"
},
{
"trust": 0.3,
"url": "/archive/1/420020"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/90/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6102/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/56/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5088/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/679/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2273/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3382/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15707"
},
{
"db": "BID",
"id": "16025"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "PACKETSTORM",
"id": "42760"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-15707"
},
{
"db": "BID",
"id": "16025"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"db": "PACKETSTORM",
"id": "42760"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-22T00:00:00",
"db": "VULHUB",
"id": "VHN-15707"
},
{
"date": "2005-12-21T00:00:00",
"db": "BID",
"id": "16025"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"date": "2006-01-04T04:21:16",
"db": "PACKETSTORM",
"id": "42760"
},
{
"date": "2005-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"date": "2005-12-22T11:03:00",
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-15707"
},
{
"date": "2015-03-19T09:46:00",
"db": "BID",
"id": "16025"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000750"
},
{
"date": "2005-12-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-542"
},
{
"date": "2024-11-21T00:04:24.143000",
"db": "NVD",
"id": "CVE-2005-4499"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Product IP ACL Vulnerabilities that bypass authentication in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000750"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "16025"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-542"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.