Sign-up

ID

VAR-200511-0399


CVE

CVE-2005-3427


TITLE

Cisco IPS MC Malformed Configuration Download Vulnerability

Trust: 0.8

sources: CERT/CC: VU#154883

DESCRIPTION

The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection. Cisco IDS/IPS solution, configured by either Cisco IPS MC v2.1, Cisco IDS MC, Cisco SDM or by using the Cisco IOS CLI are vulnerable as well. This causes some signatures belonging to certain classes to be incorrectly disabled, potentially allowing malicious traffic to pass through. SOLUTION: Apply patches. http://www.cisco.com/pcgi-bin/tablebuild.pl/mgmt-ctr-ids-app PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20051101-ipsmc.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2005-3427 // CERT/CC: VU#154883 // BID: 15269 // VULHUB: VHN-14636 // PACKETSTORM: 41185

AFFECTED PRODUCTS

vendor:ciscomodel:ciscoworks management center for ips sensorsscope:eqversion:2.1

Trust: 1.6

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:sdmscope: - version: -

Trust: 0.3

vendor:ciscomodel:pix/asa idsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ips series sensorsscope:eqversion:4200

Trust: 0.3

vendor:ciscomodel:ios idsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ios cliscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ids network modulescope: - version: -

Trust: 0.3

vendor:ciscomodel:ids mcscope: - version: -

Trust: 0.3

vendor:ciscomodel:catalyst modulescope:eqversion:6500/7600

Trust: 0.3

vendor:ciscomodel:asa security services modulescope: - version: -

Trust: 0.3

sources: CERT/CC: VU#154883 // BID: 15269 // CNNVD: CNNVD-200511-025 // NVD: CVE-2005-3427

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3427
value: LOW

Trust: 1.0

CARNEGIE MELLON: VU#154883
value: 3.90

Trust: 0.8

CNNVD: CNNVD-200511-025
value: LOW

Trust: 0.6

VULHUB: VHN-14636
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2005-3427
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-14636
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#154883 // VULHUB: VHN-14636 // CNNVD: CNNVD-200511-025 // NVD: CVE-2005-3427

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3427

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200511-025

TYPE

Design Error

Trust: 0.9

sources: BID: 15269 // CNNVD: CNNVD-200511-025

EXTERNAL IDS

db:SECUNIAid:17397

Trust: 2.6

db:CERT/CCid:VU#154883

Trust: 2.5

db:BIDid:15269

Trust: 2.0

db:NVDid:CVE-2005-3427

Trust: 1.7

db:SREASONid:137

Trust: 1.7

db:VUPENid:ADV-2005-2266

Trust: 1.7

db:OSVDBid:20444

Trust: 1.7

db:SECTRACKid:1015133

Trust: 1.7

db:CISCOid:20051101 CISCO IPS MC MALFORMED CONFIGURATION DOWNLOAD VULNERABILITY

Trust: 0.6

db:XFid:22926

Trust: 0.6

db:CNNVDid:CNNVD-200511-025

Trust: 0.6

db:VULHUBid:VHN-14636

Trust: 0.1

db:PACKETSTORMid:41185

Trust: 0.1

sources: CERT/CC: VU#154883 // VULHUB: VHN-14636 // BID: 15269 // PACKETSTORM: 41185 // CNNVD: CNNVD-200511-025 // NVD: CVE-2005-3427

REFERENCES

url:http://www.cisco.com/warp/public/707/cisco-sa-20051101-ipsmc.shtml

Trust: 2.6

url:http://www.securityfocus.com/bid/15269

Trust: 1.7

url:http://www.kb.cert.org/vuls/id/154883

Trust: 1.7

url:http://www.osvdb.org/20444

Trust: 1.7

url:http://securitytracker.com/id?1015133

Trust: 1.7

url:http://secunia.com/advisories/17397

Trust: 1.7

url:http://securityreason.com/securityalert/137

Trust: 1.7

url:http://www.vupen.com/english/advisories/2005/2266

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/22926

Trust: 1.1

url:http://secunia.com/advisories/17397/

Trust: 0.9

url:http://www.cisco.com/warp/public/707/cisco-sa-20051101-ipsmc.pdf

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2005/2266

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/22926

Trust: 0.6

url:http://www.cisco.com/en/us/products/products_security_advisory09186a008055dbdd.shtml#affected

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://www.cisco.com/pcgi-bin/tablebuild.pl/mgmt-ctr-ids-app

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/6025/

Trust: 0.1

sources: CERT/CC: VU#154883 // VULHUB: VHN-14636 // BID: 15269 // PACKETSTORM: 41185 // CNNVD: CNNVD-200511-025 // NVD: CVE-2005-3427

CREDITS

The vendor reported this issue.

Trust: 0.9

sources: BID: 15269 // CNNVD: CNNVD-200511-025

SOURCES

db:CERT/CCid:VU#154883
db:VULHUBid:VHN-14636
db:BIDid:15269
db:PACKETSTORMid:41185
db:CNNVDid:CNNVD-200511-025
db:NVDid:CVE-2005-3427

LAST UPDATE DATE

2024-08-14T14:42:12.549000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#154883date:2005-11-02T00:00:00
db:VULHUBid:VHN-14636date:2017-07-11T00:00:00
db:BIDid:15269date:2005-11-01T00:00:00
db:CNNVDid:CNNVD-200511-025date:2005-11-15T00:00:00
db:NVDid:CVE-2005-3427date:2017-07-11T01:33:11.673

SOURCES RELEASE DATE

db:CERT/CCid:VU#154883date:2005-11-02T00:00:00
db:VULHUBid:VHN-14636date:2005-11-02T00:00:00
db:BIDid:15269date:2005-11-01T00:00:00
db:PACKETSTORMid:41185date:2005-11-03T01:02:14
db:CNNVDid:CNNVD-200511-025date:2005-11-01T00:00:00
db:NVDid:CVE-2005-3427date:2005-11-02T00:02:00