Details of VAR-200412-0165

ID

VAR-200412-0165

CVE

CVE-2004-1468

TITLE

Cisco Catalyst Enable Password Bypass Vulnerability

Trust: 0.9

sources: BID: 1122 // CNNVD: CNNVD-200412-1201

DESCRIPTION

The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. Usermin Is Web The module that sends and receives emails via the interface is incomplete and received HTML Another in the email Usermin A vulnerability exists that does not properly remove links to modules.An arbitrary command may be executed with the authority of the user who received and viewed the email. Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is reported to affect Usermin versions 1.080 and prior. Under certain versions of the Cisco Catalyst a user who already has access to the device can elevate their current access to 'enable' mode without a password. Once 'enable' mode is obtained the user can access the configuration mode and commit unauthorized configuration changes on a Catalyst switch. This can be done either from the console itself or via a remote Telnet session

Trust: 2.25

sources: NVD: CVE-2004-1468 // JVNDB: JVNDB-2004-000116 // BID: 11122 // BID: 1122 // VULMON: CVE-2004-1468

AFFECTED PRODUCTS

vendor:	usermin	model:	usermin	scope:	eq	version:	1.080	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.070	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.060	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.051	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.040	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.030	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.020	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.010	Trust: 1.9
vendor:	usermin	model:	usermin	scope:	eq	version:	1.000	Trust: 1.9
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.20	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.50	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.50	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.90	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.30	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.40	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.21	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.80	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.10	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.70	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.60	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.1.00	Trust: 1.0
vendor:	webmin	model:	webmin	scope:	eq	version:	1.0.00	Trust: 1.0
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	2.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	2.1	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	webmin	model:	webmin	scope:	eq	version:	1.150	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.140	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.130	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.121	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.110	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.100	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.090	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.080	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.070	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.060	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.050	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.020	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	eq	version:	1.000	Trust: 0.3
vendor:	webmin	model:	webmin	scope:	ne	version:	1.160	Trust: 0.3
vendor:	usermin	model:	usermin	scope:	ne	version:	1.090	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	65005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	60005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	55005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	50005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	40005.4.1	Trust: 0.3

sources: BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1468
value:	HIGH
Trust: 1.0
NVD:	CVE-2004-1468
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200412-1201
value:	HIGH
Trust: 0.6
VULMON:	CVE-2004-1468
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1468
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: VULMON: CVE-2004-1468 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1468

THREAT TYPE

network

Trust: 0.6

sources: BID: 11122 // BID: 1122

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200412-1201

CONFIGURATIONS

sources: JVNDB: JVNDB-2004-000116

PATCH

title:	usermin (V2.x/V3.0)	url:	http://www.miraclelinux.com/update/linux/list.php?errata_id=19	Trust: 0.8
title:	usermin (V2.x)	url:	http://www.miraclelinux.com/support/update/list.php?errata_id=990	Trust: 0.8

sources: JVNDB: JVNDB-2004-000116

EXTERNAL IDS

db:	BID	id:	11122	Trust: 2.8
db:	NVD	id:	CVE-2004-1468	Trust: 2.5
db:	SECUNIA	id:	12488	Trust: 1.7
db:	BID	id:	1122	Trust: 0.9
db:	JVNDB	id:	JVNDB-2004-000116	Trust: 0.8
db:	GENTOO	id:	GLSA-200409-15	Trust: 0.6
db:	XF	id:	17293	Trust: 0.6
db:	CNNVD	id:	CNNVD-200412-1201	Trust: 0.6
db:	VULMON	id:	CVE-2004-1468	Trust: 0.1

sources: VULMON: CVE-2004-1468 // BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

REFERENCES

url:	http://www.securityfocus.com/bid/11122	Trust: 2.5
url:	http://www.lac.co.jp/security/csl/intelligence/snsadvisory_e/77_e.html	Trust: 1.7
url:	http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml	Trust: 1.7
url:	http://secunia.com/advisories/12488/	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/17293	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1468	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1468	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/17293	Trust: 0.6
url:	http://www.webmin.com/index6.html	Trust: 0.3
url:	/archive/1/374439	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/sec_incident_response.shtml	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=8115	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2004-1468 // BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

CREDITS

This vulnerability was announced by Cisco in a security advisory posted to the Bugtraq mailing list on April 19, 2000. The Cisco BugID for this issue is: CSCdr10025

Trust: 0.9

sources: BID: 1122 // CNNVD: CNNVD-200412-1201

SOURCES

db:	VULMON	id:	CVE-2004-1468
db:	BID	id:	11122
db:	BID	id:	1122
db:	JVNDB	id:	JVNDB-2004-000116
db:	CNNVD	id:	CNNVD-200412-1201
db:	NVD	id:	CVE-2004-1468

LAST UPDATE DATE

2024-08-14T14:16:24.721000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2004-1468	date:	2017-07-11T00:00:00
db:	BID	id:	11122	date:	2004-09-07T00:00:00
db:	BID	id:	1122	date:	2000-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2004-000116	date:	2007-05-14T00:00:00
db:	CNNVD	id:	CNNVD-200412-1201	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1468	date:	2017-07-11T01:31:03.577

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2004-1468	date:	2004-12-31T00:00:00
db:	BID	id:	11122	date:	2004-09-07T00:00:00
db:	BID	id:	1122	date:	2000-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2004-000116	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200412-1201	date:	2004-12-31T00:00:00
db:	NVD	id:	CVE-2004-1468	date:	2004-12-31T05:00:00