ID

VAR-200412-0165


CVE

CVE-2004-1468


TITLE

Cisco Catalyst Enable Password Bypass Vulnerability

Trust: 0.9

sources: BID: 1122 // CNNVD: CNNVD-200412-1201

DESCRIPTION

The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. Usermin Is Web The module that sends and receives emails via the interface is incomplete and received HTML Another in the email Usermin A vulnerability exists that does not properly remove links to modules.An arbitrary command may be executed with the authority of the user who received and viewed the email. Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is reported to affect Usermin versions 1.080 and prior. Under certain versions of the Cisco Catalyst a user who already has access to the device can elevate their current access to 'enable' mode without a password. Once 'enable' mode is obtained the user can access the configuration mode and commit unauthorized configuration changes on a Catalyst switch. This can be done either from the console itself or via a remote Telnet session

Trust: 2.25

sources: NVD: CVE-2004-1468 // JVNDB: JVNDB-2004-000116 // BID: 11122 // BID: 1122 // VULMON: CVE-2004-1468

AFFECTED PRODUCTS

vendor:userminmodel:userminscope:eqversion:1.080

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.070

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.060

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.051

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.040

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.030

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.020

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.010

Trust: 1.9

vendor:userminmodel:userminscope:eqversion:1.000

Trust: 1.9

vendor:webminmodel:webminscope:eqversion:1.0.20

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.50

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.50

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.90

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.30

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.40

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.21

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.80

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.10

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.70

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.60

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.1.00

Trust: 1.0

vendor:webminmodel:webminscope:eqversion:1.0.00

Trust: 1.0

vendor:cybertrustmodel:asianux serverscope:eqversion:2.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:2.1

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3.0

Trust: 0.8

vendor:webminmodel:webminscope:eqversion:1.150

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.140

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.130

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.121

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.110

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.100

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.090

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.080

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.070

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.060

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.050

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.020

Trust: 0.3

vendor:webminmodel:webminscope:eqversion:1.000

Trust: 0.3

vendor:webminmodel:webminscope:neversion:1.160

Trust: 0.3

vendor:userminmodel:userminscope:neversion:1.090

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:65005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:55005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4.1

Trust: 0.3

sources: BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-1468
value: HIGH

Trust: 1.0

NVD: CVE-2004-1468
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200412-1201
value: HIGH

Trust: 0.6

VULMON: CVE-2004-1468
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-1468
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2004-1468 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1468

THREAT TYPE

network

Trust: 0.6

sources: BID: 11122 // BID: 1122

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200412-1201

CONFIGURATIONS

sources: JVNDB: JVNDB-2004-000116

PATCH

title:usermin (V2.x/V3.0)url:http://www.miraclelinux.com/update/linux/list.php?errata_id=19

Trust: 0.8

title:usermin (V2.x)url:http://www.miraclelinux.com/support/update/list.php?errata_id=990

Trust: 0.8

sources: JVNDB: JVNDB-2004-000116

EXTERNAL IDS

db:BIDid:11122

Trust: 2.8

db:NVDid:CVE-2004-1468

Trust: 2.5

db:SECUNIAid:12488

Trust: 1.7

db:BIDid:1122

Trust: 0.9

db:JVNDBid:JVNDB-2004-000116

Trust: 0.8

db:GENTOOid:GLSA-200409-15

Trust: 0.6

db:XFid:17293

Trust: 0.6

db:CNNVDid:CNNVD-200412-1201

Trust: 0.6

db:VULMONid:CVE-2004-1468

Trust: 0.1

sources: VULMON: CVE-2004-1468 // BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

REFERENCES

url:http://www.securityfocus.com/bid/11122

Trust: 2.5

url:http://www.lac.co.jp/security/csl/intelligence/snsadvisory_e/77_e.html

Trust: 1.7

url:http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml

Trust: 1.7

url:http://secunia.com/advisories/12488/

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/17293

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1468

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1468

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/17293

Trust: 0.6

url:http://www.webmin.com/index6.html

Trust: 0.3

url:/archive/1/374439

Trust: 0.3

url:http://www.cisco.com/warp/public/707/sec_incident_response.shtml

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=8115

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2004-1468 // BID: 11122 // BID: 1122 // JVNDB: JVNDB-2004-000116 // CNNVD: CNNVD-200412-1201 // NVD: CVE-2004-1468

CREDITS

This vulnerability was announced by Cisco in a security advisory posted to the Bugtraq mailing list on April 19, 2000. The Cisco BugID for this issue is: CSCdr10025

Trust: 0.9

sources: BID: 1122 // CNNVD: CNNVD-200412-1201

SOURCES

db:VULMONid:CVE-2004-1468
db:BIDid:11122
db:BIDid:1122
db:JVNDBid:JVNDB-2004-000116
db:CNNVDid:CNNVD-200412-1201
db:NVDid:CVE-2004-1468

LAST UPDATE DATE

2024-08-14T14:16:24.721000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2004-1468date:2017-07-11T00:00:00
db:BIDid:11122date:2004-09-07T00:00:00
db:BIDid:1122date:2000-04-20T00:00:00
db:JVNDBid:JVNDB-2004-000116date:2007-05-14T00:00:00
db:CNNVDid:CNNVD-200412-1201date:2005-10-20T00:00:00
db:NVDid:CVE-2004-1468date:2017-07-11T01:31:03.577

SOURCES RELEASE DATE

db:VULMONid:CVE-2004-1468date:2004-12-31T00:00:00
db:BIDid:11122date:2004-09-07T00:00:00
db:BIDid:1122date:2000-04-20T00:00:00
db:JVNDBid:JVNDB-2004-000116date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200412-1201date:2004-12-31T00:00:00
db:NVDid:CVE-2004-1468date:2004-12-31T05:00:00