Details of VAR-200505-0197

ID

VAR-200505-0197

CVE

CVE-2005-0599

TITLE

Cisco Application and Content Networking System Multiple Remote Vulnerabilities

Trust: 0.9

sources: BID: 12648 // CNNVD: CNNVD-200505-570

DESCRIPTION

Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. This issue is due to a failure of the affected software to properly handle malformed network data. Specifically, multiple denial of service vulnerabilities and a single default administrator password issues were reported. The default password issue may allow an unauthorized user to gain administrator access to an affected device

Trust: 2.79

sources: NVD: CVE-2005-0599 // CERT/CC: VU#579240 // CERT/CC: VU#360296 // BID: 12648 // VULHUB: VHN-11808 // VULMON: CVE-2005-0599

AFFECTED PRODUCTS

vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	5.0.3	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.2.11	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	5.0	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	5.0.1	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.1.3	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.2	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	5.0.5	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.1.1	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.2.9	Trust: 1.6
vendor:	cisco	model:	application and content networking software	scope:	lte	version:	5.1.11.5	Trust: 1.0
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	4.0.3	Trust: 1.0
vendor:	cisco	model:	application & content networking software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	application and content networking software	scope:	eq	version:	5.1.11.5	Trust: 0.6
vendor:	cisco	model:	content router	scope:	eq	version:	4450	Trust: 0.3
vendor:	cisco	model:	content router	scope:	eq	version:	44304.1	Trust: 0.3
vendor:	cisco	model:	content router	scope:	eq	version:	44304.0	Trust: 0.3
vendor:	cisco	model:	content router	scope:	eq	version:	4430	Trust: 0.3
vendor:	cisco	model:	content engine module for cisco router series	scope:	eq	version:	3800	Trust: 0.3
vendor:	cisco	model:	content engine module for cisco router series	scope:	eq	version:	3700	Trust: 0.3
vendor:	cisco	model:	content engine module for cisco router series	scope:	eq	version:	3600	Trust: 0.3
vendor:	cisco	model:	content engine module for cisco router series	scope:	eq	version:	2800	Trust: 0.3
vendor:	cisco	model:	content engine module for cisco router series	scope:	eq	version:	2600	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	7325	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73204.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73204.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73203.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	73202.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	7320	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5904.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5904.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5903.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5902.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	590	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	565	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5604.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5604.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5603.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5602.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	560	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	510	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5074.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5074.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5073.1	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	5072.2.0	Trust: 0.3
vendor:	cisco	model:	content engine	scope:	eq	version:	507	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4670	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46504.1	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46504.0	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4650	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46304.1	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	46304.0	Trust: 0.3
vendor:	cisco	model:	content distribution manager	scope:	eq	version:	4630	Trust: 0.3
vendor:	cisco	model:	content delivery manager	scope:	eq	version:	4650	Trust: 0.3
vendor:	cisco	model:	content delivery manager	scope:	eq	version:	4630	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.2.3.9	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.1.13.7	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.1.11.6	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.0.17.6	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.2.11	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.2.9	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.2.7	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	eq	version:	4.0.3	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	ne	version:	5.2.3.9	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	ne	version:	5.2.1.7	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	ne	version:	5.1.13.7	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	ne	version:	5.1.11.6	Trust: 0.3
vendor:	cisco	model:	application & content networking software	scope:	ne	version:	5.0.17.6	Trust: 0.3

sources: CERT/CC: VU#579240 // CERT/CC: VU#360296 // BID: 12648 // CNNVD: CNNVD-200505-570 // NVD: CVE-2005-0599

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0599
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#579240
value:	3.47
Trust: 0.8
CARNEGIE MELLON:	VU#360296
value:	3.47
Trust: 0.8
CNNVD:	CNNVD-200505-570
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-11808
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2005-0599
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0599
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-11808
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#579240 // CERT/CC: VU#360296 // VULHUB: VHN-11808 // VULMON: CVE-2005-0599 // CNNVD: CNNVD-200505-570 // NVD: CVE-2005-0599

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0599

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-570

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200505-570

EXTERNAL IDS

db:	SECUNIA	id:	14395	Trust: 3.4
db:	BID	id:	12648	Trust: 2.9
db:	NVD	id:	CVE-2005-0599	Trust: 2.1
db:	SECTRACK	id:	1013286	Trust: 1.6
db:	XF	id:	19468	Trust: 1.4
db:	CERT/CC	id:	VU#360296	Trust: 0.9
db:	XF	id:	19469	Trust: 0.8
db:	OSVDB	id:	14122	Trust: 0.8
db:	CERT/CC	id:	VU#579240	Trust: 0.8
db:	OSVDB	id:	14121	Trust: 0.8
db:	CNNVD	id:	CNNVD-200505-570	Trust: 0.7
db:	CISCO	id:	20050224 ACNS DENIAL OF SERVICE AND DEFAULT ADMIN PASSWORD VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-11808	Trust: 0.1
db:	VULMON	id:	CVE-2005-0599	Trust: 0.1

sources: CERT/CC: VU#579240 // CERT/CC: VU#360296 // VULHUB: VHN-11808 // VULMON: CVE-2005-0599 // BID: 12648 // CNNVD: CNNVD-200505-570 // NVD: CVE-2005-0599

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml	Trust: 3.4
url:	http://secunia.com/advisories/14395	Trust: 2.6
url:	http://www.securityfocus.com/bid/12648	Trust: 1.8
url:	http://securitytracker.com/alerts/2005/feb/1013286.html	Trust: 1.6
url:	http://xforce.iss.net/xforce/xfdb/19468	Trust: 1.4
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/19468	Trust: 1.2
url:	http://www.cisco.com/univercd/cc/td/doc/product/webscale/uce/acns51/deploy51/51stream.htm#wp1039106	Trust: 0.8
url:	http://secunia.com/advisories/14395/	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/19469	Trust: 0.8
url:	http://osvdb.org/displayvuln.php?osvdb_id=14122	Trust: 0.8
url:	http://www.securityfocus.com/bid/12648	Trust: 0.8
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=14121	Trust: 0.8
url:	http://www.cisco.com/en/us/products/sw/conntsw/ps491/	Trust: 0.3
url:	/archive/1/391426	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.kb.cert.org/vuls/id/360296	Trust: 0.1

sources: CERT/CC: VU#579240 // CERT/CC: VU#360296 // VULHUB: VHN-11808 // VULMON: CVE-2005-0599 // BID: 12648 // CNNVD: CNNVD-200505-570 // NVD: CVE-2005-0599

CREDITS

Cisco

Trust: 0.6

sources: CNNVD: CNNVD-200505-570

SOURCES

db:	CERT/CC	id:	VU#579240
db:	CERT/CC	id:	VU#360296
db:	VULHUB	id:	VHN-11808
db:	VULMON	id:	CVE-2005-0599
db:	BID	id:	12648
db:	CNNVD	id:	CNNVD-200505-570
db:	NVD	id:	CVE-2005-0599

LAST UPDATE DATE

2024-08-14T14:22:58.763000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#579240	date:	2005-03-10T00:00:00
db:	CERT/CC	id:	VU#360296	date:	2005-06-08T00:00:00
db:	VULHUB	id:	VHN-11808	date:	2017-07-11T00:00:00
db:	VULMON	id:	CVE-2005-0599	date:	2017-07-11T00:00:00
db:	BID	id:	12648	date:	2015-03-19T08:21:00
db:	CNNVD	id:	CNNVD-200505-570	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0599	date:	2017-07-11T01:32:21.217

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#579240	date:	2005-03-10T00:00:00
db:	CERT/CC	id:	VU#360296	date:	2005-06-08T00:00:00
db:	VULHUB	id:	VHN-11808	date:	2005-05-02T00:00:00
db:	VULMON	id:	CVE-2005-0599	date:	2005-05-02T00:00:00
db:	BID	id:	12648	date:	2005-02-24T00:00:00
db:	CNNVD	id:	CNNVD-200505-570	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-0599	date:	2005-05-02T04:00:00