Details of VAR-200501-0159

ID

VAR-200501-0159

CVE

CVE-2004-1164

TITLE

Cisco CNSNetworkRegistrar lock Remote denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200501-015

DESCRIPTION

The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence.". Cisco CNS Network Registrar is a DNS/DHCP server offered by Cisco. It is available for Microsoft Windows, UNIX, and Linux platforms. These issues affect the Domain Name Service and Dynamic Host Configuration Protocol server components of the CNS Network Registrar. It is reported that an attacker may cause a crash by sending a specially crafted packet sequence to an affected server. These vulnerabilities only affect Cisco CNS Network Registrar for the Microsoft Windows platform. The first issue affects CNS Network Registrar versions 6.0 upto and including 6.1.1.3 and the second issue affects all versions including 6.1.1.3

Trust: 1.26

sources: NVD: CVE-2004-1164 // BID: 11793 // VULHUB: VHN-9594

AFFECTED PRODUCTS

vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.1.1.3	Trust: 1.9
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.1.1.2	Trust: 1.9
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.1.1.1	Trust: 1.9
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.1.1	Trust: 1.9
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.1	Trust: 1.9
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.5.4	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.5.3	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.5.2	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.5	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.4	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.3	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.2	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0.1	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	eq	version:	6.0	Trust: 1.3
vendor:	cisco	model:	cns network registrar	scope:	ne	version:	6.1.1.4	Trust: 0.3

sources: BID: 11793 // CNNVD: CNNVD-200501-015 // NVD: CVE-2004-1164

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1164
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200501-015
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9594
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-1164
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9594
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9594 // CNNVD: CNNVD-200501-015 // NVD: CVE-2004-1164

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1164

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200501-015

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200501-015

EXTERNAL IDS

db:	BID	id:	11793	Trust: 2.0
db:	NVD	id:	CVE-2004-1164	Trust: 1.7
db:	CNNVD	id:	CNNVD-200501-015	Trust: 0.7
db:	CISCO	id:	20041202 CISCO NETWORK REGISTRAR DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	XF	id:	18328	Trust: 0.6
db:	VULHUB	id:	VHN-9594	Trust: 0.1

sources: VULHUB: VHN-9594 // BID: 11793 // CNNVD: CNNVD-200501-015 // NVD: CVE-2004-1164

REFERENCES

url:	http://www.securityfocus.com/bid/11793	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a008036786d.shtml	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/18328	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/18328	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/netmgtsw/ps1982/index.html	Trust: 0.3

sources: VULHUB: VHN-9594 // BID: 11793 // CNNVD: CNNVD-200501-015 // NVD: CVE-2004-1164

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200501-015

SOURCES

db:	VULHUB	id:	VHN-9594
db:	BID	id:	11793
db:	CNNVD	id:	CNNVD-200501-015
db:	NVD	id:	CVE-2004-1164

LAST UPDATE DATE

2024-08-14T14:00:42.767000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9594	date:	2017-07-11T00:00:00
db:	BID	id:	11793	date:	2004-12-02T00:00:00
db:	CNNVD	id:	CNNVD-200501-015	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1164	date:	2017-07-11T01:30:47.560

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9594	date:	2005-01-10T00:00:00
db:	BID	id:	11793	date:	2004-12-02T00:00:00
db:	CNNVD	id:	CNNVD-200501-015	date:	2004-12-02T00:00:00
db:	NVD	id:	CVE-2004-1164	date:	2005-01-10T05:00:00