var-200703-0084
Vulnerability from variot
The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address. According to Cisco Systems information NAM Model number WS-SVC-NAM-1, WS-SVC-NAM-2, WS-X6380-NAM Will be affected. For details, check the information provided by the vendor.Crafted by a third party SNMP Arbitrary commands may be executed due to packet processing. According to Cisco Systems information, the device may be completely controlled. An attacker can leverage this issue to gain complete control of the affected device. NAM uses the Simple Network Management Protocol (SNMP) to communicate with the Catalyst system.
Want a new job? http://secunia.com/secunia_vacancies/
Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/
TITLE: Cisco Products NAM SNMP Spoofing Vulnerability
SECUNIA ADVISORY ID: SA24344
VERIFY ADVISORY: http://secunia.com/advisories/24344/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From local network
OPERATING SYSTEM: Cisco IOS R12.x http://secunia.com/product/50/ Cisco IOS 12.x http://secunia.com/product/182/ Cisco CATOS 8.x http://secunia.com/product/3564/ Cisco CATOS 7.x http://secunia.com/product/185/
SOFTWARE: Cisco Catalyst 6500 Series Network Analysis Module (NAM-1/NAM-2) http://secunia.com/product/2272/ Cisco Catalyst 6500 Series Network Analysis Module (First Generation) http://secunia.com/product/2271/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.
SOLUTION: Update to a fixed version (see vendor advisory for details). http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst 6500 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6000 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6000 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6500 ws-svc-nam-1",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 6500 ws-x6380-nam",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 6000 ws-x6380-nam",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "catalyst 7600 ws-svc-nam-2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1a\\)"
},
{
"model": "catalyst 7600 ws-x6380-nam",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1\\(1a\\)"
},
{
"model": "network analysis module",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "7600 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6500 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2za",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sgb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sga",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ixb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ixa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ewa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2eu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios zu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(5)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(2)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(1)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(19)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(18)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(17)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(16)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(15)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "ios 12.2 sra2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sga1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sg1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zu1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxe6a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxd7a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ixb2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(6)"
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(5.3)"
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(20)"
},
{
"model": "catos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6(19.2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "BID",
"id": "22751"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:7600_router",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:catalyst_6000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:catalyst_6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:network_analysis_module",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
}
],
"trust": 0.6
},
"cve": "CVE-2007-1257",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-1257",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-24619",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1257",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#472412",
"trust": 0.8,
"value": "9.37"
},
{
"author": "NVD",
"id": "CVE-2007-1257",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-133",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-24619",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM\u0027s own IP address. According to Cisco Systems information NAM Model number WS-SVC-NAM-1, WS-SVC-NAM-2, WS-X6380-NAM Will be affected. For details, check the information provided by the vendor.Crafted by a third party SNMP Arbitrary commands may be executed due to packet processing. According to Cisco Systems information, the device may be completely controlled. \nAn attacker can leverage this issue to gain complete control of the affected device. NAM uses the Simple Network Management Protocol (SNMP) to communicate with the Catalyst system. \n\n----------------------------------------------------------------------\n\nWant a new job?\nhttp://secunia.com/secunia_vacancies/\n\nSecunia is looking for new researchers with a reversing background\nand experience in writing exploit code:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\nhttp://secunia.com/Disassembling_og_Reversing/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Products NAM SNMP Spoofing Vulnerability\n\nSECUNIA ADVISORY ID:\nSA24344\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24344/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nCisco IOS R12.x\nhttp://secunia.com/product/50/\nCisco IOS 12.x\nhttp://secunia.com/product/182/\nCisco CATOS 8.x\nhttp://secunia.com/product/3564/\nCisco CATOS 7.x\nhttp://secunia.com/product/185/\n\nSOFTWARE:\nCisco Catalyst 6500 Series Network Analysis Module (NAM-1/NAM-2)\nhttp://secunia.com/product/2272/\nCisco Catalyst 6500 Series Network Analysis Module (First Generation)\nhttp://secunia.com/product/2271/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to compromise a vulnerable\nsystem. \n\nSOLUTION:\nUpdate to a fixed version (see vendor advisory for details). \nhttp://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1257"
},
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "BID",
"id": "22751"
},
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "PACKETSTORM",
"id": "54746"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#472412",
"trust": 3.6
},
{
"db": "BID",
"id": "22751",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2007-1257",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "24344",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1017710",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "33066",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0783",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133",
"trust": 0.7
},
{
"db": "XF",
"id": "32750",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20070228 CISCO CATALYST 6000, 6500 SERIES AND CISCO 7600 SERIES NAM (NETWORK ANALYSIS MODULE) VULNERABILITY",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5188",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-24619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54746",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "BID",
"id": "22751"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "PACKETSTORM",
"id": "54746"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"id": "VAR-200703-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24619"
}
],
"trust": 0.4056849
},
"last_update_date": "2024-11-23T22:46:55.004000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20070228-nam",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/472412"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/22751"
},
{
"trust": 1.7,
"url": "http://osvdb.org/33066"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017710"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24344"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/en/us/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080394e09.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5188"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0783"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/24344/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20070228-nam.shtml"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2007/feb/1017710.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1257"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1257"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/32750"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0783"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5188"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/50/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3564/"
},
{
"trust": 0.1,
"url": "http://secunia.com/disassembling_og_reversing/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2271/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2272/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/182/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/185/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "BID",
"id": "22751"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "PACKETSTORM",
"id": "54746"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#472412"
},
{
"db": "VULHUB",
"id": "VHN-24619"
},
{
"db": "BID",
"id": "22751"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"db": "PACKETSTORM",
"id": "54746"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-02T00:00:00",
"db": "CERT/CC",
"id": "VU#472412"
},
{
"date": "2007-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-24619"
},
{
"date": "2007-02-28T00:00:00",
"db": "BID",
"id": "22751"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"date": "2007-03-05T23:12:53",
"db": "PACKETSTORM",
"id": "54746"
},
{
"date": "2007-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"date": "2007-03-03T20:19:00",
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-22T00:00:00",
"db": "CERT/CC",
"id": "VU#472412"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-24619"
},
{
"date": "2015-05-12T19:34:00",
"db": "BID",
"id": "22751"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000183"
},
{
"date": "2009-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-133"
},
{
"date": "2024-11-21T00:27:53.570000",
"db": "NVD",
"id": "CVE-2007-1257"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication",
"sources": [
{
"db": "CERT/CC",
"id": "VU#472412"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-133"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.