Sign-up

ID

VAR-200411-0149


CVE

CVE-2004-0352


TITLE

Cisco Content Service Switch Management Port UDP Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 9806 // CNNVD: CNNVD-200411-063

DESCRIPTION

Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002

Trust: 2.7

sources: NVD: CVE-2004-0352 // CERT/CC: VU#363374 // JVNDB: JVNDB-2004-000937 // BID: 9806 // VULHUB: VHN-8782

AFFECTED PRODUCTS

vendor:ciscomodel:content services switch 11000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:content services switch 11150scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:content services switch 11800scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:content services switch 11050scope:eqversion:*

Trust: 1.0

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:content services switch 11800scope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:content services switch 11150scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:content services switch 11000scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:content services switch 11050scope: - version: -

Trust: 0.8

vendor:ciscomodel:content services switch 11150scope: - version: -

Trust: 0.6

vendor:ciscomodel:content services switch 11050scope: - version: -

Trust: 0.6

vendor:ciscomodel:content services switch 11800scope: - version: -

Trust: 0.6

vendor:ciscomodel:content services switch 11000scope: - version: -

Trust: 0.6

vendor:ciscomodel:css11800 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11150 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11050 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11000 content services switchscope: - version: -

Trust: 0.3

sources: CERT/CC: VU#363374 // BID: 9806 // JVNDB: JVNDB-2004-000937 // CNNVD: CNNVD-200411-063 // NVD: CVE-2004-0352

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0352
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#363374
value: 1.86

Trust: 0.8

NVD: CVE-2004-0352
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200411-063
value: MEDIUM

Trust: 0.6

VULHUB: VHN-8782
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-0352
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-8782
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#363374 // VULHUB: VHN-8782 // JVNDB: JVNDB-2004-000937 // CNNVD: CNNVD-200411-063 // NVD: CVE-2004-0352

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2004-000937 // NVD: CVE-2004-0352

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200411-063

TYPE

Design Error

Trust: 0.9

sources: BID: 9806 // CNNVD: CNNVD-200411-063

PATCH

title:Cisco CSS 11050 Content Services Switchurl:https://www.cisco.com/web/JP/product/hs/contnetw/css11000/prodlit/pdf/0182_css11050.pdf

Trust: 0.8

sources: JVNDB: JVNDB-2004-000937

EXTERNAL IDS

db:NVDid:CVE-2004-0352

Trust: 3.6

db:CERT/CCid:VU#363374

Trust: 3.3

db:BIDid:9806

Trust: 2.8

db:SECUNIAid:11045

Trust: 0.8

db:JVNDBid:JVNDB-2004-000937

Trust: 0.8

db:CNNVDid:CNNVD-200411-063

Trust: 0.7

db:XFid:15388

Trust: 0.6

db:CISCOid:20040304 CISCO CSS 11000 SERIES CONTENT SERVICES SWITCHES MALFORMED UDP PACKET VULNERABILITY

Trust: 0.6

db:VULHUBid:VHN-8782

Trust: 0.1

sources: CERT/CC: VU#363374 // VULHUB: VHN-8782 // BID: 9806 // JVNDB: JVNDB-2004-000937 // CNNVD: CNNVD-200411-063 // NVD: CVE-2004-0352

REFERENCES

url:http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml

Trust: 3.6

url:http://www.securityfocus.com/bid/9806

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/363374

Trust: 2.5

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15388

Trust: 1.9

url:http://secunia.com/advisories/11045/

Trust: 0.8

url:http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_610/advcggd/proximty.htm

Trust: 0.8

url:http://www.cisco.com/en/us/products/hw/contnetw/ps789/products_user_guide09186a00800b3d8e.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2004-0352

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/15388

Trust: 0.6

sources: CERT/CC: VU#363374 // VULHUB: VHN-8782 // BID: 9806 // JVNDB: JVNDB-2004-000937 // CNNVD: CNNVD-200411-063 // NVD: CVE-2004-0352

CREDITS

Discovery credited to Timothy Arnold.

Trust: 0.9

sources: BID: 9806 // CNNVD: CNNVD-200411-063

SOURCES

db:CERT/CCid:VU#363374
db:VULHUBid:VHN-8782
db:BIDid:9806
db:JVNDBid:JVNDB-2004-000937
db:CNNVDid:CNNVD-200411-063
db:NVDid:CVE-2004-0352

LAST UPDATE DATE

2024-08-14T15:36:07.134000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#363374date:2004-07-29T00:00:00
db:VULHUBid:VHN-8782date:2017-07-11T00:00:00
db:BIDid:9806date:2006-09-01T21:23:00
db:JVNDBid:JVNDB-2004-000937date:2024-06-07T09:02:00
db:CNNVDid:CNNVD-200411-063date:2005-10-20T00:00:00
db:NVDid:CVE-2004-0352date:2017-07-11T01:30:05.620

SOURCES RELEASE DATE

db:CERT/CCid:VU#363374date:2004-03-05T00:00:00
db:VULHUBid:VHN-8782date:2004-11-23T00:00:00
db:BIDid:9806date:2004-03-04T00:00:00
db:JVNDBid:JVNDB-2004-000937date:2024-06-07T00:00:00
db:CNNVDid:CNNVD-200411-063date:2004-11-23T00:00:00
db:NVDid:CVE-2004-0352date:2004-11-23T05:00:00