ID

VAR-200512-0384


CVE

CVE-2005-4812


TITLE

SISCO OSI stack fails to properly validate packets

Trust: 0.8

sources: CERT/CC: VU#468798

DESCRIPTION

The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. A vulnerability exists in the SISCO OSI stack for Windows. If successfully exploited, an attacker could cause a denial-of-service condition. The Inter-control Center Communications Protocol (ICCP) is a protocol for communicating data in the control center of a SCADA network. A remote attacker can exploit the vulnerability to perform a denial of service attack on the service. The SISCO OSI stack on the Windows platform incorrectly handles malformed packets, and remote unauthenticated users can perform denial of service attacks on services. This issue allows remote, unauthenticated attackers to crash affected applications, denying further service to legitimate users. ---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: SISCO OSI Stack Denial of Service Vulnerability SECUNIA ADVISORY ID: SA22047 VERIFY ADVISORY: http://secunia.com/advisories/22047/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: SISCO MMS-EASE 7.x http://secunia.com/product/12072/ SISCO ICCP Toolkit for MMS-EASE 4.x http://secunia.com/product/12073/ SISCO AX-S4 MMS 5.x http://secunia.com/product/12071/ SISCO AX-S4 ICCP 3.x http://secunia.com/product/12070/ DESCRIPTION: A vulnerability has been reported in various SISCO products, which can be exploited by malicious people to cause a DoS (Denial of Service). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SISCO: http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf OTHER REFERENCES: US-CERT VU#468798: http://www.kb.cert.org/vuls/id/468798 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.88

sources: NVD: CVE-2005-4812 // CERT/CC: VU#468798 // CNVD: CNVD-2006-7240 // BID: 20130 // IVD: 7d72a49f-463f-11e9-a242-000c29342cb1 // IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d // PACKETSTORM: 50214

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d72a49f-463f-11e9-a242-000c29342cb1 // IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d // CNVD: CNVD-2006-7240

AFFECTED PRODUCTS

vendor:siscomodel:ax-s4 iccpscope:lteversion:3.0103

Trust: 1.0

vendor:siscomodel:iccp toolkit for mms-easescope:lteversion:4.10

Trust: 1.0

vendor:siscomodel:mms-easescope:lteversion:7.10

Trust: 1.0

vendor:siscomodel:ax-s4 mmsscope:lteversion:5.01

Trust: 1.0

vendor:siscomodel:mms-easescope:eqversion:7.10

Trust: 0.9

vendor:siscomodel:iccp toolkit for mms-easescope:eqversion:4.10

Trust: 0.9

vendor:siscomodel:ax-s4 mmsscope:eqversion:5.01

Trust: 0.9

vendor:siscomodel:ax-s4 iccpscope:eqversion:3.0103

Trust: 0.9

vendor:sisco integration specialistsmodel: - scope: - version: -

Trust: 0.8

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:siscomodel:iso stackscope:eqversion:3

Trust: 0.3

vendor:siscomodel:mms-easescope:neversion:8.03

Trust: 0.3

vendor:siscomodel:iccp toolkit for mms-easescope:neversion:5.03

Trust: 0.3

vendor:siscomodel:ax-s4 mmsscope:neversion:5.02

Trust: 0.3

vendor:siscomodel:ax-s4 iccpscope:neversion:3.0155

Trust: 0.3

sources: CERT/CC: VU#468798 // CNVD: CNVD-2006-7240 // BID: 20130 // CNNVD: CNNVD-200512-881 // NVD: CVE-2005-4812

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-4812
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#468798
value: 0.92

Trust: 0.8

CNNVD: CNNVD-200512-881
value: HIGH

Trust: 0.6

IVD: 7d72a49f-463f-11e9-a242-000c29342cb1
value: HIGH

Trust: 0.2

IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2005-4812
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IVD: 7d72a49f-463f-11e9-a242-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: IVD: 7d72a49f-463f-11e9-a242-000c29342cb1 // IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d // CERT/CC: VU#468798 // CNNVD: CNNVD-200512-881 // NVD: CVE-2005-4812

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4812

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-881

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-881

EXTERNAL IDS

db:CERT/CCid:VU#468798

Trust: 3.4

db:BIDid:20130

Trust: 1.9

db:SECUNIAid:22047

Trust: 1.8

db:NVDid:CVE-2005-4812

Trust: 1.6

db:VUPENid:ADV-2006-3733

Trust: 1.6

db:CNVDid:CNVD-2006-7240

Trust: 1.0

db:XFid:29072

Trust: 0.6

db:NSFOCUSid:9306

Trust: 0.6

db:CNNVDid:CNNVD-200512-881

Trust: 0.6

db:IVDid:7D72A49F-463F-11E9-A242-000C29342CB1

Trust: 0.2

db:IVDid:F56FEE0E-1FF5-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:PACKETSTORMid:50214

Trust: 0.1

sources: IVD: 7d72a49f-463f-11e9-a242-000c29342cb1 // IVD: f56fee0e-1ff5-11e6-abef-000c29c66e3d // CERT/CC: VU#468798 // CNVD: CNVD-2006-7240 // BID: 20130 // PACKETSTORM: 50214 // CNNVD: CNNVD-200512-881 // NVD: CVE-2005-4812

REFERENCES

url:http://www.sisconet.com/downloads/nessus_vulnerability_announcement.pdf

Trust: 2.8

url:http://www.kb.cert.org/vuls/id/468798

Trust: 2.6

url:http://www.securityfocus.com/bid/20130

Trust: 1.6

url:http://secunia.com/advisories/22047

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/29072

Trust: 1.0

url:http://www.vupen.com/english/advisories/2006/3733

Trust: 1.0

url:http://www.faqs.org/rfcs/rfc1006.html

Trust: 0.8

url:http://www.sisconet.com/downloads/mmsovrlg.pdf

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/29072

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/3733

Trust: 0.6

url:http://www.nsfocus.net/vulndb/9306

Trust: 0.6

url:http://www.sisconet.com/products.htm

Trust: 0.3

url:http://secunia.com/product/12070/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/quality_assurance_analyst/

Trust: 0.1

url:http://secunia.com/product/12073/

Trust: 0.1

url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/

Trust: 0.1

url:http://secunia.com/advisories/22047/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/12071/

Trust: 0.1

url:http://secunia.com/web_application_security_specialist/

Trust: 0.1

url:http://secunia.com/product/12072/

Trust: 0.1

sources: CERT/CC: VU#468798 // CNVD: CNVD-2006-7240 // BID: 20130 // PACKETSTORM: 50214 // CNNVD: CNNVD-200512-881 // NVD: CVE-2005-4812

CREDITS

SISCOhttp://www.sisconet.com/products.htm

Trust: 0.6

sources: CNNVD: CNNVD-200512-881

SOURCES

db:IVDid:7d72a49f-463f-11e9-a242-000c29342cb1
db:IVDid:f56fee0e-1ff5-11e6-abef-000c29c66e3d
db:CERT/CCid:VU#468798
db:CNVDid:CNVD-2006-7240
db:BIDid:20130
db:PACKETSTORMid:50214
db:CNNVDid:CNNVD-200512-881
db:NVDid:CVE-2005-4812

LAST UPDATE DATE

2024-11-23T23:10:40.357000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#468798date:2008-07-21T00:00:00
db:CNVDid:CNVD-2006-7240date:2006-09-21T00:00:00
db:BIDid:20130date:2006-09-21T19:46:00
db:CNNVDid:CNNVD-200512-881date:2006-09-27T00:00:00
db:NVDid:CVE-2005-4812date:2024-11-21T00:05:14.543

SOURCES RELEASE DATE

db:IVDid:7d72a49f-463f-11e9-a242-000c29342cb1date:2006-09-21T00:00:00
db:IVDid:f56fee0e-1ff5-11e6-abef-000c29c66e3ddate:2006-09-21T00:00:00
db:CERT/CCid:VU#468798date:2006-09-20T00:00:00
db:CNVDid:CNVD-2006-7240date:2006-09-21T00:00:00
db:BIDid:20130date:2006-09-20T00:00:00
db:PACKETSTORMid:50214date:2006-09-21T23:56:25
db:CNNVDid:CNNVD-200512-881date:2005-12-31T00:00:00
db:NVDid:CVE-2005-4812date:2005-12-31T05:00:00