Details of VAR-200107-0161

ID

VAR-200107-0161

CVE

CVE-2001-0429

TITLE

Cisco Catalyst Switch Vulnerability

Trust: 0.8

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // CNNVD: CNNVD-200107-020

DESCRIPTION

Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Submitting numerous HTTP requests with modified headers, could cause Lotus Domino to consume all available system resources. This leads to network instability and denial of service

Trust: 2.88

sources: NVD: CVE-2001-0429 // CERT/CC: VU#601312 // CERT/CC: VU#310816 // BID: 2565 // IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // VULHUB: VHN-3248

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.2

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d

AFFECTED PRODUCTS

vendor:	cisco	model:	catos	scope:	eq	version:	6.1\(1c\)	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	6.1.2	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	5.5\(6\)	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	4.5.10	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	5.5\(4b\)	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	4.5\(11\)	Trust: 1.6
vendor:	cisco	model:	catos	scope:	eq	version:	6.1\(2\)	Trust: 1.6
vendor:	lotus	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	rit	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	lotus	model:	domino	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	lotus	model:	domino	scope:	ne	version:	5.0.7	Trust: 0.3
vendor:	catos	model:	-	scope:	eq	version:	4.5(11)	Trust: 0.2
vendor:	catos	model:	-	scope:	eq	version:	4.5.10	Trust: 0.2
vendor:	catos	model:	5.5	scope:	-	version:	-	Trust: 0.2
vendor:	catos	model:	-	scope:	eq	version:	5.5(6)	Trust: 0.2
vendor:	catos	model:	6.1	scope:	-	version:	-	Trust: 0.2
vendor:	catos	model:	-	scope:	eq	version:	6.1(2)	Trust: 0.2
vendor:	catos	model:	-	scope:	eq	version:	6.1.2	Trust: 0.2

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // CERT/CC: VU#601312 // CERT/CC: VU#310816 // BID: 2565 // CNNVD: CNNVD-200107-020 // NVD: CVE-2001-0429

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-0429
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#601312
value:	9.98
Trust: 0.8
CARNEGIE MELLON:	VU#310816
value:	1.62
Trust: 0.8
CNNVD:	CNNVD-200107-020
value:	MEDIUM
Trust: 0.6
IVD:	bbed9956-23ce-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-3248
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2001-0429
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IVD:	bbed9956-23ce-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-3248
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // CERT/CC: VU#601312 // CERT/CC: VU#310816 // VULHUB: VHN-3248 // CNNVD: CNNVD-200107-020 // NVD: CVE-2001-0429

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0429

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200107-020

TYPE

unknown

Trust: 0.8

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // CNNVD: CNNVD-200107-020

EXTERNAL IDS

db:	NVD	id:	CVE-2001-0429	Trust: 1.9
db:	BID	id:	2604	Trust: 1.7
db:	BID	id:	2565	Trust: 1.1
db:	CNNVD	id:	CNNVD-200107-020	Trust: 0.9
db:	XF	id:	6347	Trust: 0.8
db:	CERT/CC	id:	VU#601312	Trust: 0.8
db:	XF	id:	6423	Trust: 0.8
db:	BID	id:	2636	Trust: 0.8
db:	CERT/CC	id:	VU#310816	Trust: 0.8
db:	CISCO	id:	20010416 CATALYST 5000 SERIES 802.1X VULNERABILITY	Trust: 0.6
db:	CIAC	id:	L-072	Trust: 0.6
db:	XF	id:	6379	Trust: 0.6
db:	XF	id:	8021	Trust: 0.6
db:	IVD	id:	BBED9956-23CE-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-3248	Trust: 0.1

sources: IVD: bbed9956-23ce-11e6-abef-000c29c66e3d // CERT/CC: VU#601312 // CERT/CC: VU#310816 // VULHUB: VHN-3248 // BID: 2565 // CNNVD: CNNVD-200107-020 // NVD: CVE-2001-0429

REFERENCES

url:	http://www.securityfocus.com/bid/2604	Trust: 1.7
url:	http://www.ciac.org/ciac/bulletins/l-072.shtml	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/6379	Trust: 1.1
url:	http://www.securityfocus.com/bid/2565	Trust: 0.8
url:	http://xforce.iss.net/static/6347.php	Trust: 0.8
url:	http://www.securityfocus.com/advisories/3208	Trust: 0.8
url:	http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c?openview&start=3.111&count=30&expand=3.126#3.126	Trust: 0.8
url:	http://www.securityfocus.com/bid/2636	Trust: 0.8
url:	http://www.ritlabs.com/the_bat/index.html	Trust: 0.8
url:	http://www.security.nnov.ru/search/news.asp?binid=1136	Trust: 0.8
url:	http://xforce.iss.net/static/6423.php	Trust: 0.8
url:	http://xforce.iss.net/static/6379.php	Trust: 0.6
url:	http://www.lotus.com/home.nsf/welcome/domino	Trust: 0.3

sources: CERT/CC: VU#601312 // CERT/CC: VU#310816 // VULHUB: VHN-3248 // BID: 2565 // CNNVD: CNNVD-200107-020 // NVD: CVE-2001-0429

CREDITS

Discovered and posted to Bugtraq by Peter Gründl <peter.grundl@defcom.com> on April 11, 2001.

Trust: 0.3

sources: BID: 2565

SOURCES

db:	IVD	id:	bbed9956-23ce-11e6-abef-000c29c66e3d
db:	CERT/CC	id:	VU#601312
db:	CERT/CC	id:	VU#310816
db:	VULHUB	id:	VHN-3248
db:	BID	id:	2565
db:	CNNVD	id:	CNNVD-200107-020
db:	NVD	id:	CVE-2001-0429

LAST UPDATE DATE

2024-10-16T20:46:20.367000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#601312	date:	2001-07-17T00:00:00
db:	CERT/CC	id:	VU#310816	date:	2001-08-30T00:00:00
db:	VULHUB	id:	VHN-3248	date:	2017-10-10T00:00:00
db:	BID	id:	2565	date:	2001-04-11T00:00:00
db:	CNNVD	id:	CNNVD-200107-020	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2001-0429	date:	2017-10-10T01:29:43.517

SOURCES RELEASE DATE

db:	IVD	id:	bbed9956-23ce-11e6-abef-000c29c66e3d	date:	2001-07-02T00:00:00
db:	CERT/CC	id:	VU#601312	date:	2001-07-12T00:00:00
db:	CERT/CC	id:	VU#310816	date:	2001-06-01T00:00:00
db:	VULHUB	id:	VHN-3248	date:	2001-07-02T00:00:00
db:	BID	id:	2565	date:	2001-04-11T00:00:00
db:	CNNVD	id:	CNNVD-200107-020	date:	2001-07-02T00:00:00
db:	NVD	id:	CVE-2001-0429	date:	2001-07-02T04:00:00