Details of VAR-200411-0101

ID

VAR-200411-0101

CVE

CVE-2004-0244

TITLE

Cisco 6000/6500/7600 series systems fail to properly process layer 2 frames

Trust: 0.8

sources: CERT/CC: VU#810062

DESCRIPTION

Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. A problem has been identified in the handling of specific types of traffic by Cisco 6000, 6500, and 7600 routers with the MSFC2 device. Because of this, an attacker could potentially crash a vulnerable system. layer 2 frame (layer 2 frame) is used to encapsulate layer 3 packets. Cisco 6000/6500/7600 are high-end routers. Cisco 6000, 6500, and 7600 routers using MSFC2 devices improperly handle some communications, and a remote attacker could exploit this vulnerability to perform a denial-of-service attack on the device. However, this particular package must be soft-swapped on the system affected by this vulnerability to have this problem, and hard-swapping cannot trigger this vulnerability. Although such frames can only be sent from the local network segment, they may also be triggered remotely under certain conditions. To be exploited remotely, the constructed layer 2 frame needs to pass through all source and destination layer 3 devices during the destination, without any pruning

Trust: 2.7

sources: NVD: CVE-2004-0244 // CERT/CC: VU#810062 // JVNDB: JVNDB-2004-000031 // BID: 9562 // VULHUB: VHN-8674

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	12.2sy	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2za	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.1e	Trust: 1.6
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 0.8
vendor:	cisco	model:	ios 12.2za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 za	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sy	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1 e15	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1 e1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1 e14	scope:	ne	version:	-	Trust: 0.3

sources: CERT/CC: VU#810062 // BID: 9562 // JVNDB: JVNDB-2004-000031 // CNNVD: CNNVD-200411-156 // NVD: CVE-2004-0244

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0244
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#810062
value:	6.24
Trust: 0.8
NVD:	CVE-2004-0244
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-200411-156
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-8674
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-0244
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2004-0244
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-8674
severity:	MEDIUM
baseScore:	4.7
vectorString:	AV:L/AC:M/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#810062 // VULHUB: VHN-8674 // JVNDB: JVNDB-2004-000031 // CNNVD: CNNVD-200411-156 // NVD: CVE-2004-0244

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-8674 // JVNDB: JVNDB-2004-000031 // NVD: CVE-2004-0244

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200411-156

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200411-156

CONFIGURATIONS

sources: JVNDB: JVNDB-2004-000031

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-8674

PATCH

title:

cisco-sa-20040203-cat6k

url:

http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml

Trust: 0.8

sources: JVNDB: JVNDB-2004-000031

EXTERNAL IDS

db:	BID	id:	9562	Trust: 3.6
db:	NVD	id:	CVE-2004-0244	Trust: 2.8
db:	SECUNIA	id:	10780	Trust: 2.5
db:	CERT/CC	id:	VU#810062	Trust: 2.5
db:	XF	id:	15013	Trust: 1.4
db:	SECTRACK	id:	1008923	Trust: 0.8
db:	JVNDB	id:	JVNDB-2004-000031	Trust: 0.8
db:	CNNVD	id:	CNNVD-200411-156	Trust: 0.7
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:5828	Trust: 0.6
db:	CISCO	id:	20040203 CISCO 6000/6500/7600 CRAFTED LAYER 2 FRAME VULNERABILITY	Trust: 0.6
db:	EXPLOIT-DB	id:	23638	Trust: 0.1
db:	SEEBUG	id:	SSVID-77390	Trust: 0.1
db:	VULHUB	id:	VHN-8674	Trust: 0.1

sources: CERT/CC: VU#810062 // VULHUB: VHN-8674 // BID: 9562 // JVNDB: JVNDB-2004-000031 // CNNVD: CNNVD-200411-156 // NVD: CVE-2004-0244

REFERENCES

url:	http://www.securityfocus.com/bid/9562	Trust: 3.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/810062	Trust: 1.7
url:	http://secunia.com/advisories/10780	Trust: 1.7
url:	http://xforce.iss.net/xforce/xfdb/15013	Trust: 1.4
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5828	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/15013	Trust: 1.1
url:	http://www.cisco.com/en/us/products/hw/switches/ps708/index.html	Trust: 0.8
url:	http://www.cisco.com/en/us/products/hw/routers/ps368/index.html	Trust: 0.8
url:	http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/msfc2_ds.htm	Trust: 0.8
url:	http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introint.htm#xtocid5	Trust: 0.8
url:	http://www.cisco.com/en/us/products/hw/switches/ps700/products_tech_note09186a008015bfa6.shtml#subtopic1a	Trust: 0.8
url:	http://www.secunia.com/advisories/10780/	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0244	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0244	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2004/feb/1008923.html	Trust: 0.8
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5828	Trust: 0.6

sources: CERT/CC: VU#810062 // VULHUB: VHN-8674 // BID: 9562 // JVNDB: JVNDB-2004-000031 // CNNVD: CNNVD-200411-156 // NVD: CVE-2004-0244

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200411-156

SOURCES

db:	CERT/CC	id:	VU#810062
db:	VULHUB	id:	VHN-8674
db:	BID	id:	9562
db:	JVNDB	id:	JVNDB-2004-000031
db:	CNNVD	id:	CNNVD-200411-156
db:	NVD	id:	CVE-2004-0244

LAST UPDATE DATE

2024-08-14T15:25:43.222000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#810062	date:	2004-04-05T00:00:00
db:	VULHUB	id:	VHN-8674	date:	2017-10-11T00:00:00
db:	BID	id:	9562	date:	2009-07-12T02:06:00
db:	JVNDB	id:	JVNDB-2004-000031	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200411-156	date:	2009-03-04T00:00:00
db:	NVD	id:	CVE-2004-0244	date:	2017-10-11T01:29:24.870

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#810062	date:	2004-03-30T00:00:00
db:	VULHUB	id:	VHN-8674	date:	2004-11-23T00:00:00
db:	BID	id:	9562	date:	2004-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2004-000031	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200411-156	date:	2004-02-03T00:00:00
db:	NVD	id:	CVE-2004-0244	date:	2004-11-23T05:00:00