ID

VAR-200607-0357


CVE

CVE-2006-3596


TITLE

Cisco Intrusion Prevention System Malformed Packet Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 18955 // CNNVD: CNNVD-200607-257

DESCRIPTION

The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet. Cisco Intrusion Prevention System is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash an affected device, effectively denying service. This issue is documented in Cisco bug ID CSCsd36590. This issue affects 42xx IPS appliances running affected versions of the IPS software. There is a denial of service vulnerability in the Cisco IPS client device driver. An IPS device configured to use the automatic pass-through function will also fail to forward packets. This can be exploited to cause a DoS via a specially crafted packet received on an Intel-based gigabit network adapter configured as a sensing interface. Successful exploitation causes the network device to stop processing packets and become inaccessible both remotely and via the console.

SOLUTION: Update to version 5.1(2). http://www.cisco.com/pcgi-bin/tablebuild.pl/ips5

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml

Trust: 2.07

sources: NVD: CVE-2006-3596 // JVNDB: JVNDB-2006-002755 // BID: 18955 // VULHUB: VHN-19704 // PACKETSTORM: 48210

AFFECTED PRODUCTS

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1e)

Trust: 1.6

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1d)

Trust: 1.6

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(p1)

Trust: 1.6

vendor: cisco // model: intrusion prevention system 5.1 // scope: - // version: -

Trust: 1.5

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1b)

Trust: 1.0

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1c)

Trust: 1.0

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1)

Trust: 1.0

vendor: cisco // model: ips sensor software // scope: eq // version: 5.1(1a)

Trust: 1.0

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1) to 5.1(p1)

Trust: 0.8

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1b)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1c)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1e)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1d)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(p1)

Trust: 0.6

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1a)

Trust: 0.6

vendor: cisco // model: ips series sensors // scope: eq // version: 4200

Trust: 0.3

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1(1)

Trust: 0.3

vendor: cisco // model: intrusion prevention system // scope: eq // version: 5.1

Trust: 0.3

sources: BID: 18955 // JVNDB: JVNDB-2006-002755 // CNNVD: CNNVD-200607-257 // NVD: CVE-2006-3596

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-3596
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-3596
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200607-257
value: MEDIUM

Trust: 0.6

VULHUB: VHN-19704
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-3596
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-19704
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-19704 // JVNDB: JVNDB-2006-002755 // CNNVD: CNNVD-200607-257 // NVD: CVE-2006-3596

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3596

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-257

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200607-257

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-002755

PATCH

title: cisco-sa-20060712-ips // url: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060712-ips

Trust: 0.8

sources: JVNDB: JVNDB-2006-002755

EXTERNAL IDS

db: NVD // id: CVE-2006-3596

Trust: 2.5

db: BID // id: 18955

Trust: 2.0

db: SECUNIA // id: 21029

Trust: 1.8

db: SECTRACK // id: 1016474

Trust: 1.7

db: OSVDB // id: 27163

Trust: 1.7

db: VUPEN // id: ADV-2006-2772

Trust: 1.7

db: JVNDB // id: JVNDB-2006-002755

Trust: 0.8

db: CISCO // id: 20060712 CISCO INTRUSION PREVENTION SYSTEM MALFORMED PACKET DENIAL OF SERVICE

Trust: 0.6

db: XF // id: 27692

Trust: 0.6

db: CNNVD // id: CNNVD-200607-257

Trust: 0.6

db: VULHUB // id: VHN-19704

Trust: 0.1

db: PACKETSTORM // id: 48210

Trust: 0.1

sources: VULHUB: VHN-19704 // BID: 18955 // JVNDB: JVNDB-2006-002755 // PACKETSTORM: 48210 // CNNVD: CNNVD-200607-257 // NVD: CVE-2006-3596

REFERENCES

url:http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml

Trust: 1.8

url:http://www.securityfocus.com/bid/18955

Trust: 1.7

url:http://www.osvdb.org/27163

Trust: 1.7

url:http://securitytracker.com/id?1016474

Trust: 1.7

url:http://secunia.com/advisories/21029

Trust: 1.7

url:http://www.vupen.com/english/advisories/2006/2772

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/27692

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3596

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3596

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/2772

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/27692

Trust: 0.6

url:http://www.cisco.com/en/us/products/products_security_advisory09186a00806e0bc7.shtml

Trust: 0.3

url:http://www.cisco.com/en/us/products/sw/secursw/ps2113/index.html

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://www.cisco.com/pcgi-bin/tablebuild.pl/ips5

Trust: 0.1

url:http://secunia.com/advisories/21029/

Trust: 0.1

url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/

Trust: 0.1

url:http://secunia.com/product/5600/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-19704 // BID: 18955 // JVNDB: JVNDB-2006-002755 // PACKETSTORM: 48210 // CNNVD: CNNVD-200607-257 // NVD: CVE-2006-3596

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200607-257

SOURCES

db: VULHUB // id: VHN-19704
db: BID // id: 18955
db: JVNDB // id: JVNDB-2006-002755
db: PACKETSTORM // id: 48210
db: CNNVD // id: CNNVD-200607-257
db: NVD // id: CVE-2006-3596

LAST UPDATE DATE

2024-11-23T21:49:32.927000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-19704 // date: 2018-10-30T00:00:00
db: BID // id: 18955 // date: 2006-07-13T23:18:00
db: JVNDB // id: JVNDB-2006-002755 // date: 2012-12-20T00:00:00
db: CNNVD // id: CNNVD-200607-257 // date: 2006-07-19T00:00:00
db: NVD // id: CVE-2006-3596 // date: 2024-11-21T00:13:59.457

SOURCES RELEASE DATE

db: VULHUB // id: VHN-19704 // date: 2006-07-18T00:00:00
db: BID // id: 18955 // date: 2006-07-12T00:00:00
db: JVNDB // id: JVNDB-2006-002755 // date: 2012-12-20T00:00:00
db: PACKETSTORM // id: 48210 // date: 2006-07-13T17:58:07
db: CNNVD // id: CNNVD-200607-257 // date: 2006-07-18T00:00:00
db: NVD // id: CVE-2006-3596 // date: 2006-07-18T15:37:00