ID

VAR-200601-0175


CVE

CVE-2006-0181


TITLE

Cisco Security Monitoring, Analysis and Response System Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2006-003826

DESCRIPTION

Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command. This password is static across all installations of the software. It is possible for those running software release 4.1.3 and later to change a portion of the default administrative password, effectively addressing the vulnerability. However, earlier versions do not provide this option. In addition, CS-MARS can also perform automated tasks to alleviate safety issues. Successful exploitation of this vulnerability will allow the attacker to obtain full management rights of the CS-MARS device. The password for the account reportedly cannot be changed. Successful exploitation requires logon to the administration command line interface with e.g. the "pnadmin" account. The vulnerability has been reported in versions prior to 4.1.3. SOLUTION: Update to version 4.1.3 or later and use the "passwd expert" command to change the root password. http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-mars?psrtdcat20e2 PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2006-0181 // JVNDB: JVNDB-2006-003826 // BID: 16211 // VULHUB: VHN-16289 // PACKETSTORM: 43013

AFFECTED PRODUCTS

vendor:ciscomodel:cs-marsscope:eqversion:4.1.2

Trust: 1.6

vendor:ciscomodel:cs-marsscope:eqversion:4.1

Trust: 1.6

vendor:ciscomodel:security monitoring, analysis and response systemscope:ltversion:4.1.3

Trust: 0.8

vendor:nortelmodel:networks contivity vpn switchscope:eqversion:20004.1.2

Trust: 0.3

vendor:nortelmodel:networks contivity vpn switchscope:eqversion:20004.1

Trust: 0.3

vendor:nortelmodel:networks contivity vpn switchscope:neversion:20004.1.3

Trust: 0.3

sources: BID: 16211 // JVNDB: JVNDB-2006-003826 // CNNVD: CNNVD-200601-124 // NVD: CVE-2006-0181

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-0181
value: HIGH

Trust: 1.0

NVD: CVE-2006-0181
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200601-124
value: HIGH

Trust: 0.6

VULHUB: VHN-16289
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-0181
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-16289
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-16289 // JVNDB: JVNDB-2006-003826 // CNNVD: CNNVD-200601-124 // NVD: CVE-2006-0181

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-0181

THREAT TYPE

local

Trust: 1.0

sources: BID: 16211 // PACKETSTORM: 43013 // CNNVD: CNNVD-200601-124

TYPE

Design Error

Trust: 0.9

sources: BID: 16211 // CNNVD: CNNVD-200601-124

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-003826

PATCH

title:16211url:http://www.securityfocus.com/bid/16211

Trust: 0.8

title:cisco-sa-20060111-mars.shtmlurl:http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtml

Trust: 0.8

sources: JVNDB: JVNDB-2006-003826

EXTERNAL IDS

db:NVDid:CVE-2006-0181

Trust: 2.5

db:BIDid:16211

Trust: 2.0

db:SECUNIAid:18424

Trust: 1.8

db:OSVDBid:22346

Trust: 1.7

db:SECTRACKid:1015471

Trust: 1.7

db:SREASONid:335

Trust: 1.7

db:VUPENid:ADV-2006-0154

Trust: 1.7

db:JVNDBid:JVNDB-2006-003826

Trust: 0.8

db:CNNVDid:CNNVD-200601-124

Trust: 0.7

db:CISCOid:20060111 DEFAULT ADMINISTRATIVE PASSWORD IN CISCO SECURITY MONITORING, ANALYSIS AND RESPONSE SYSTEM (CS-MARS)

Trust: 0.6

db:XFid:24065

Trust: 0.6

db:VULHUBid:VHN-16289

Trust: 0.1

db:PACKETSTORMid:43013

Trust: 0.1

sources: VULHUB: VHN-16289 // BID: 16211 // JVNDB: JVNDB-2006-003826 // PACKETSTORM: 43013 // CNNVD: CNNVD-200601-124 // NVD: CVE-2006-0181

REFERENCES

url:http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtml

Trust: 2.1

url:http://www.securityfocus.com/bid/16211

Trust: 1.7

url:http://www.osvdb.org/22346

Trust: 1.7

url:http://securitytracker.com/id?1015471

Trust: 1.7

url:http://secunia.com/advisories/18424

Trust: 1.7

url:http://securityreason.com/securityalert/335

Trust: 1.7

url:http://seclists.org/bugtraq/2006/jan/202

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/0154

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/24065

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0181

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0181

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/24065

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/0154

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/6780/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/advisories/18424/

Trust: 0.1

url:http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-mars?psrtdcat20e2

Trust: 0.1

sources: VULHUB: VHN-16289 // BID: 16211 // JVNDB: JVNDB-2006-003826 // PACKETSTORM: 43013 // CNNVD: CNNVD-200601-124 // NVD: CVE-2006-0181

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200601-124

SOURCES

db:VULHUBid:VHN-16289
db:BIDid:16211
db:JVNDBid:JVNDB-2006-003826
db:PACKETSTORMid:43013
db:CNNVDid:CNNVD-200601-124
db:NVDid:CVE-2006-0181

LAST UPDATE DATE

2024-11-23T23:07:06.611000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-16289date:2017-07-20T00:00:00
db:BIDid:16211date:2006-01-11T00:00:00
db:JVNDBid:JVNDB-2006-003826date:2014-03-11T00:00:00
db:CNNVDid:CNNVD-200601-124date:2006-01-13T00:00:00
db:NVDid:CVE-2006-0181date:2024-11-21T00:05:51.117

SOURCES RELEASE DATE

db:VULHUBid:VHN-16289date:2006-01-12T00:00:00
db:BIDid:16211date:2006-01-11T00:00:00
db:JVNDBid:JVNDB-2006-003826date:2014-03-11T00:00:00
db:PACKETSTORMid:43013date:2006-01-12T16:56:50
db:CNNVDid:CNNVD-200601-124date:2006-01-12T00:00:00
db:NVDid:CVE-2006-0181date:2006-01-12T06:02:00