ID
VAR-200210-0004
CVE
CVE-2002-1222
TITLE
Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability
Trust: 0.9
DESCRIPTION
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. Certain versions of Cisco CatOS ship with an embedded HTTP server. This issue is reported to affect CatOS versions 5.4 through 7.4 which contain "cv" in the image name
Trust: 1.26
AFFECTED PRODUCTS
| vendor: | cisco | model: | catos | scope: | eq | version: | 5.5 | Trust: 2.2 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 7.4 | Trust: 1.9 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 7.3 | Trust: 1.9 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 6.1 | Trust: 1.9 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 5.4 | Trust: 1.9 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 5.5\(13a\) | Trust: 1.6 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 6.1\(2\) | Trust: 1.6 |
| vendor: | cisco | model: | catos | scope: | eq | version: | 6.1(2) | Trust: 0.3 |
| vendor: | cisco | model: | catos | scope: | ne | version: | 7.4(1) | Trust: 0.3 |
| vendor: | cisco | model: | catos | scope: | ne | version: | 7.4(0.63) | Trust: 0.3 |
| vendor: | cisco | model: | catos | scope: | ne | version: | 6.3(9) | Trust: 0.3 |
| vendor: | cisco | model: | catos | scope: | ne | version: | 6.3(8.3) | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-119 | Trust: 1.1 |
THREAT TYPE
remote
Trust: 0.6
TYPE
buffer overflow
Trust: 0.6
EXPLOIT AVAILABILITY
EXTERNAL IDS
| db: | BID | id: | 5976 | Trust: 2.0 |
| db: | NVD | id: | CVE-2002-1222 | Trust: 2.0 |
| db: | CNNVD | id: | CNNVD-200210-286 | Trust: 0.7 |
| db: | CISCO | id: | 20021016 CISCO CATOS EMBEDDED HTTP SERVER BUFFER OVERFLOW | Trust: 0.6 |
| db: | XF | id: | 10382 | Trust: 0.6 |
| db: | EXPLOIT-DB | id: | 21944 | Trust: 0.1 |
| db: | SEEBUG | id: | SSVID-75759 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-5607 | Trust: 0.1 |
REFERENCES
| url: | http://www.securityfocus.com/bid/5976 | Trust: 1.7 |
| url: | http://www.cisco.com/warp/public/707/catos-http-overflow-vuln.shtml | Trust: 1.7 |
| url: | http://www.iss.net/security_center/static/10382.php | Trust: 1.7 |
CREDITS
Vulnerability announced in a Cisco Security Advisory.
Trust: 0.9
SOURCES
| db: | VULHUB | id: | VHN-5607 |
| db: | BID | id: | 5976 |
| db: | CNNVD | id: | CNNVD-200210-286 |
| db: | NVD | id: | CVE-2002-1222 |
LAST UPDATE DATE
2024-08-14T13:40:35.538000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-5607 | date: | 2008-09-10T00:00:00 |
| db: | BID | id: | 5976 | date: | 2009-07-11T18:06:00 |
| db: | CNNVD | id: | CNNVD-200210-286 | date: | 2005-05-13T00:00:00 |
| db: | NVD | id: | CVE-2002-1222 | date: | 2008-09-10T19:14:04.743 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-5607 | date: | 2002-10-28T00:00:00 |
| db: | BID | id: | 5976 | date: | 2002-10-16T00:00:00 |
| db: | CNNVD | id: | CNNVD-200210-286 | date: | 2002-10-28T00:00:00 |
| db: | NVD | id: | CVE-2002-1222 | date: | 2002-10-28T05:00:00 |