ID

VAR-199807-0030


CVE

CVE-1999-1582


TITLE

PIX 'established' and 'conduit' command may have unexpected interactions

Trust: 0.8

sources: CERT/CC: VU#6733

DESCRIPTION

By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed. Administrators who do not understand this functionality may configure less restrictive access controls than intended. A somewhat common configuration of Cisco PIX firewalls may permit a window of opportunity in which an intruder can bypass the firewall. This problem was first publicly described in July 1998. Cisco Systems Cisco PIX Firewall Software contains an unspecified vulnerability. PIX Firewall is prone to a remote security vulnerability.

Trust: 2.7

sources: NVD: CVE-1999-1582 // CERT/CC: VU#6733 // JVNDB: JVNDB-1998-000019 // BID: 87942 // VULHUB: VHN-1563

AFFECTED PRODUCTS

vendor: cisco, model: pix firewall, scope: eq, version: *

Trust: 1.0

vendor: cisco, model: -, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco pix firewall software, scope: eq, version: -

Trust: 0.8

vendor: cisco, model: pix firewall, scope: -, version: -

Trust: 0.6

sources: CERT/CC: VU#6733 // JVNDB: JVNDB-1998-000019 // CNNVD: CNNVD-199807-017 // NVD: CVE-1999-1582

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1582
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#6733
value: 18.00

Trust: 0.8

NVD: CVE-1999-1582
value: HIGH

Trust: 0.8

CNNVD: CNNVD-199807-017
value: HIGH

Trust: 0.6

VULHUB: VHN-1563
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1582
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1563
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#6733 // VULHUB: VHN-1563 // JVNDB: JVNDB-1998-000019 // CNNVD: CNNVD-199807-017 // NVD: CVE-1999-1582

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

problemtype: others (CWE-Other) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-1998-000019 // NVD: CVE-1999-1582

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199807-017

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199807-017

PATCH

title: Introduction [Cisco PIX Firewall Software] - Cisco Systems, url: https://www.cisco.com/en/US/docs/security/pix/pix50/configuration/guide/intro.html

Trust: 0.8

sources: JVNDB: JVNDB-1998-000019

EXTERNAL IDS

db: CERT/CC, id: VU#6733

Trust: 3.6

db: NVD, id: CVE-1999-1582

Trust: 3.6

db: XF, id: 8052

Trust: 0.9

db: JVNDB, id: JVNDB-1998-000019

Trust: 0.8

db: CNNVD, id: CNNVD-199807-017

Trust: 0.7

db: CISCO, id: 19980715 PIX FIREWALL "ESTABLISHED" COMMAND

Trust: 0.6

db: BID, id: 87942

Trust: 0.4

db: VULHUB, id: VHN-1563

Trust: 0.1

sources: CERT/CC: VU#6733 // VULHUB: VHN-1563 // BID: 87942 // JVNDB: JVNDB-1998-000019 // CNNVD: CNNVD-199807-017 // NVD: CVE-1999-1582

REFERENCES

url: http://www.cisco.com/warp/public/707/pixest-pub.shtml

Trust: 3.8

url: http://www.kb.cert.org/vuls/id/6733

Trust: 3.8

url: https://exchange.xforce.ibmcloud.com/vulnerabilities/8052

Trust: 2.9

url: http://xforce.iss.net/xforce/xfdb/8052

Trust: 0.9

url: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v41/pixcfg41/pix41cmd.htm#xtocid1978512

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-1999-1582

Trust: 0.8

sources: CERT/CC: VU#6733 // VULHUB: VHN-1563 // BID: 87942 // JVNDB: JVNDB-1998-000019 // CNNVD: CNNVD-199807-017 // NVD: CVE-1999-1582

CREDITS

Unknown

Trust: 0.3

sources: BID: 87942

SOURCES

db: CERT/CC, id: VU#6733
db: VULHUB, id: VHN-1563
db: BID, id: 87942
db: JVNDB, id: JVNDB-1998-000019
db: CNNVD, id: CNNVD-199807-017
db: NVD, id: CVE-1999-1582

LAST UPDATE DATE

2024-11-22T22:51:44.617000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#6733, date: 2002-01-04T00:00:00
db: VULHUB, id: VHN-1563, date: 2017-07-11T00:00:00
db: BID, id: 87942, date: 1998-07-15T00:00:00
db: JVNDB, id: JVNDB-1998-000019, date: 2024-05-13T02:32:00
db: CNNVD, id: CNNVD-199807-017, date: 2006-04-03T00:00:00
db: NVD, id: CVE-1999-1582, date: 2024-11-20T23:31:27.787

SOURCES RELEASE DATE

db: CERT/CC, id: VU#6733, date: 2002-01-04T00:00:00
db: VULHUB, id: VHN-1563, date: 1998-07-15T00:00:00
db: BID, id: 87942, date: 1998-07-15T00:00:00
db: JVNDB, id: JVNDB-1998-000019, date: 2024-05-13T00:00:00
db: CNNVD, id: CNNVD-199807-017, date: 1998-07-15T00:00:00
db: NVD, id: CVE-1999-1582, date: 1998-07-15T04:00:00