Sign-up

ID

VAR-200208-0031


CVE

CVE-2002-0813


TITLE

Cisco IOS TFTP Service Long File Name Remote Buffer Overflow Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200208-244

DESCRIPTION

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. A problem has been discovered in Cisco IOS and MGX switches that could result in a denial of service, and potential code execution. This overflow results due insufficient bounds checking on requested file names. A request for a file name of 700 or more bytes will result a crash of the router, and reboot of the device. On Cisco MGX switches, the TFTP service will fail but the device will continue to function. Cisco IOS versions 12.0 and later are not prone to this issue. Cisco has assigned Cisco Bug ID CSCdy03429 to this vulnerability. Cisco has announced that some MGX switches are also affected by this issue. Cisco has assigned Cisco Bug ID CSCdy03429 to this vulnerability. Cisco routers are widely used Internet routers developed by CISCO, using the Cisco IOS operating system

Trust: 1.26

sources: NVD: CVE-2002-0813 // BID: 5328 // VULHUB: VHN-5204

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:11.2

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:11.1

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:11.3

Trust: 1.9

vendor:ciscomodel:iosscope:neversion:12.1

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82501.2.10

Trust: 0.3

vendor:ciscomodel:mgxscope:neversion:8830

Trust: 0.3

vendor:ciscomodel:mgxscope:neversion:8850

Trust: 0.3

vendor:ciscomodel:mgx pxm1scope:neversion:8850-1.2.11

Trust: 0.3

vendor:ciscomodel:mgx pxm1scope:eqversion:8850-1.2.10

Trust: 0.3

vendor:ciscomodel:mgxscope:neversion:82301.2.11

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.0

Trust: 0.3

vendor:ciscomodel:mgxscope:neversion:82501.2.11

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82301.2.10

Trust: 0.3

sources: BID: 5328 // CNNVD: CNNVD-200208-244 // NVD: CVE-2002-0813

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0813
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200208-244
value: HIGH

Trust: 0.6

VULHUB: VHN-5204
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-0813
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-5204
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5204 // CNNVD: CNNVD-200208-244 // NVD: CVE-2002-0813

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

sources: VULHUB: VHN-5204 // NVD: CVE-2002-0813

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200208-244

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200208-244

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-5204

EXTERNAL IDS
db:BIDid:5328
Trust: 2.0
db:NVDid:CVE-2002-0813
Trust: 1.7
db:OSVDBid:854
Trust: 1.7
db:CNNVDid:CNNVD-200208-244
Trust: 0.7
db:CISCOid:20020730 TFTP LONG FILENAME VULNERABILITY
Trust: 0.6
db:BUGTRAQid:20020727 PHENOELIT ADVISORY, 0815 ++ * - CISCO_TFTP
Trust: 0.6
db:BUGTRAQid:20020822 CISCO IOS EXPLOIT POC
Trust: 0.6
db:XFid:9700
Trust: 0.6
db:SEEBUGid:SSVID-75479
Trust: 0.1
db:EXPLOIT-DBid:21655
Trust: 0.1
db:VULHUBid:VHN-5204
Trust: 0.1
sources:
            
            
            VULHUB: VHN-5204 // 
            
            
            
            BID: 5328 // 
            
            
            
            CNNVD: CNNVD-200208-244 // 
            
            
            
            NVD: CVE-2002-0813

REFERENCES
url:http://www.securityfocus.com/bid/5328
Trust: 1.7
url:http://online.securityfocus.com/archive/1/284634
Trust: 1.7
url:http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml
Trust: 1.7
url:http://www.osvdb.org/854
Trust: 1.7
url:http://www.iss.net/security_center/static/9700.php
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=103002169829669&w=2
Trust: 1.1
url:http://marc.theaimsgroup.com/?l=bugtraq&m=103002169829669&w=2
Trust: 0.6
url:http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml#revision
Trust: 0.3
url:http://www.phenoelit.de/stuff/cisco_tftp.txt
Trust: 0.3
sources:
            
            
            VULHUB: VHN-5204 // 
            
            
            
            BID: 5328 // 
            
            
            
            CNNVD: CNNVD-200208-244 // 
            
            
            
            NVD: CVE-2002-0813

CREDITS
kim0 kim0@phenoelit.de
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200208-244

SOURCES
db:VULHUBid:VHN-5204
db:BIDid:5328
db:CNNVDid:CNNVD-200208-244
db:NVDid:CVE-2002-0813

LAST UPDATE DATE
2024-08-14T15:04:54.456000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-5204date:2016-10-18T00:00:00
db:BIDid:5328date:2002-07-27T00:00:00
db:CNNVDid:CNNVD-200208-244date:2005-05-02T00:00:00
db:NVDid:CVE-2002-0813date:2016-10-18T02:22:00.760

SOURCES RELEASE DATE
db:VULHUBid:VHN-5204date:2002-08-12T00:00:00
db:BIDid:5328date:2002-07-27T00:00:00
db:CNNVDid:CNNVD-200208-244date:2002-07-27T00:00:00
db:NVDid:CVE-2002-0813date:2002-08-12T04:00:00