Sign-up

ID

VAR-200003-0057


CVE

CVE-2000-0613


TITLE

Cisco Secure PIX Firewall forgery TCP RST Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200003-038

DESCRIPTION

Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. The attacker would have to possess detailed knowledge of the connection table in the firewall (which is used to track outgoing connections and disallow any connections from the external network that were not initiated by an internal machine) or be able to otherwise determine the required IP address and port information to exploit this

Trust: 1.26

sources: NVD: CVE-2000-0613 // BID: 1454 // VULHUB: VHN-2190

AFFECTED PRODUCTS

vendor:ciscomodel:pix firewallscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:pix firewallscope: - version: -

Trust: 0.6

vendor:ciscomodel:pix firewallscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.4(4)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.2.2

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.2.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.2(5)

Trust: 0.3

vendor:ciscomodel:pix firewall bscope:eqversion:4.1.6

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.1.6

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:2.7

Trust: 0.3

sources: BID: 1454 // CNNVD: CNNVD-200003-038 // NVD: CVE-2000-0613

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0613
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200003-038
value: MEDIUM

Trust: 0.6

VULHUB: VHN-2190
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2000-0613
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-2190
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-2190 // CNNVD: CNNVD-200003-038 // NVD: CVE-2000-0613

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0613

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200003-038

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200003-038

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-2190

EXTERNAL IDS
db:BIDid:1454
Trust: 2.0
db:NVDid:CVE-2000-0613
Trust: 1.7
db:OSVDBid:1457
Trust: 1.7
db:CNNVDid:CNNVD-200003-038
Trust: 0.7
db:BUGTRAQid:20000320 PIX DMZ DENIAL OF SERVICE - TCP RESETS
Trust: 0.6
db:CISCOid:20000711 CISCO SECURE PIX FIREWALL TCP RESET VULNERABILITY
Trust: 0.6
db:XFid:4928
Trust: 0.6
db:EXPLOIT-DBid:20067
Trust: 0.1
db:SEEBUGid:SSVID-73964
Trust: 0.1
db:VULHUBid:VHN-2190
Trust: 0.1
sources:
            
            
            VULHUB: VHN-2190 // 
            
            
            
            BID: 1454 // 
            
            
            
            CNNVD: CNNVD-200003-038 // 
            
            
            
            NVD: CVE-2000-0613

REFERENCES
url:http://www.securityfocus.com/bid/1454
Trust: 1.7
url:http://www.cisco.com/warp/public/707/pixtcpreset-pub.shtml
Trust: 1.7
url:http://www.osvdb.org/1457
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/4928
Trust: 1.1
url:http://www.securityfocus.com/templates/archive.pike?list=1&msg=b3d6883199dbd311868100a0c9fc2cdc046b72%40protea.citec.net
Trust: 1.0
url:http://www.securityfocus.com/templates/archive.pike?list=1&msg=b3d6883199dbd311868100a0c9fc2cdc046b72@protea.citec.net
Trust: 0.7
url:http://xforce.iss.net/static/4928.php
Trust: 0.6
sources:
            
            
            VULHUB: VHN-2190 // 
            
            
            
            CNNVD: CNNVD-200003-038 // 
            
            
            
            NVD: CVE-2000-0613

CREDITS
This vulnerability was originally reported to BugTraq on March 20, 2000 by Andrew Alston <andrew@citec.net>
Trust: 0.9
sources:
            
            
            BID: 1454 // 
            
            
            
            CNNVD: CNNVD-200003-038

SOURCES
db:VULHUBid:VHN-2190
db:BIDid:1454
db:CNNVDid:CNNVD-200003-038
db:NVDid:CVE-2000-0613

LAST UPDATE DATE
2024-08-14T15:15:17.705000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-2190date:2017-10-10T00:00:00
db:BIDid:1454date:2000-07-10T00:00:00
db:CNNVDid:CNNVD-200003-038date:2005-07-27T00:00:00
db:NVDid:CVE-2000-0613date:2023-11-07T01:55:21.907

SOURCES RELEASE DATE
db:VULHUBid:VHN-2190date:2000-03-20T00:00:00
db:BIDid:1454date:2000-07-10T00:00:00
db:CNNVDid:CNNVD-200003-038date:2000-03-20T00:00:00
db:NVDid:CVE-2000-0613date:2000-03-20T05:00:00