Sign-up

ID

VAR-200507-0150


CVE

CVE-2005-2280


TITLE

Cisco Security Agent malformed IP packet denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2005-2489

DESCRIPTION

Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. The CSA has a vulnerability in handling malformed IP packets. The remote attacker can exploit this vulnerability to perform a denial of service attack on the device. Repeated attackers can lead to continued denial of service. This issue may be triggered by a maliciously crafted IP packet. This vulnerability affects only CSA 4.5 on Windows operating systems other than Windows XP. A denial of service vulnerability exists in CSA 4.5

Trust: 1.8

sources: NVD: CVE-2005-2280 // CNVD: CNVD-2005-2489 // BID: 14247 // VULHUB: VHN-13489

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2005-2489

AFFECTED PRODUCTS

vendor:ciscomodel:security agentscope:eqversion:4.5

Trust: 1.9

vendor:nomodel: - scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2005-2489 // BID: 14247 // CNNVD: CNNVD-200507-198 // NVD: CVE-2005-2280

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-2280
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2005-2489
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-200507-198
value: MEDIUM

Trust: 0.6

VULHUB: VHN-13489
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-2280
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2005-2489
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-13489
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2005-2489 // VULHUB: VHN-13489 // CNNVD: CNNVD-200507-198 // NVD: CVE-2005-2280

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2280

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200507-198

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200507-198

PATCH

title:Patch for Cisco Security Agent malformed IP packet denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/42982

Trust: 0.6

sources: CNVD: CNVD-2005-2489

EXTERNAL IDS

db:NVDid:CVE-2005-2280

Trust: 2.0

db:BIDid:14247

Trust: 1.0

db:CNNVDid:CNNVD-200507-198

Trust: 0.7

db:CNVDid:CNVD-2005-2489

Trust: 0.6

db:XFid:21344

Trust: 0.6

db:CISCOid:20050713 CISCO SECURITY AGENT VULNERABLE TO CRAFTED IP ATTACK

Trust: 0.6

db:VULHUBid:VHN-13489

Trust: 0.1

sources: CNVD: CNVD-2005-2489 // VULHUB: VHN-13489 // BID: 14247 // CNNVD: CNNVD-200507-198 // NVD: CVE-2005-2280

REFERENCES

url:http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml

Trust: 2.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/21344

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/21344

Trust: 0.6

sources: CNVD: CNVD-2005-2489 // VULHUB: VHN-13489 // BID: 14247 // CNNVD: CNNVD-200507-198 // NVD: CVE-2005-2280

CREDITS

Ben Collins

Trust: 0.6

sources: CNNVD: CNNVD-200507-198

SOURCES

db:CNVDid:CNVD-2005-2489
db:VULHUBid:VHN-13489
db:BIDid:14247
db:CNNVDid:CNNVD-200507-198
db:NVDid:CVE-2005-2280

LAST UPDATE DATE

2024-08-14T13:40:05.041000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2005-2489date:2014-01-24T00:00:00
db:VULHUBid:VHN-13489date:2017-07-11T00:00:00
db:BIDid:14247date:2006-04-24T20:56:00
db:CNNVDid:CNNVD-200507-198date:2005-10-20T00:00:00
db:NVDid:CVE-2005-2280date:2017-07-11T01:32:47.703

SOURCES RELEASE DATE

db:CNVDid:CNVD-2005-2489date:2005-07-14T00:00:00
db:VULHUBid:VHN-13489date:2005-07-18T00:00:00
db:BIDid:14247date:2005-07-13T00:00:00
db:CNNVDid:CNNVD-200507-198date:2005-07-18T00:00:00
db:NVDid:CVE-2005-2280date:2005-07-18T04:00:00