Details of VAR-200701-0177

ID

VAR-200701-0177

CVE

CVE-2007-0397

TITLE

CS-MARS Vulnerabilities that generate inaccurate information

Trust: 0.8

sources: JVNDB: JVNDB-2007-001419

DESCRIPTION

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information. This issue is tracked by Cisco Bug IDs CSCsf95930 and CSCsg78595. Cisco CS-MARS can receive event logs from various network devices, correlate and analyze the received security problem data, and report findings; ASDM can provide management and monitoring services for various Cisco security devices, and provide firewall services for Cisco switches and routers module. Cisco CS-MARS and ASDM have vulnerabilities in the implementation of communication authentication with managed devices. Because the certificate and public key provided by the device are not verified, if the certificate or public key changes, the affected product cannot determine whether the device it communicates with is legitimate, or whether the device is pretending to be a legitimate device. ---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. This can be exploited to conduct spoofing attacks and possibly gain knowledge of sensitive information. SOLUTION: Update to the latest version. http://www.cisco.com/pcgi-bin/tablebuild.pl/asa-interim?psrtdcat20e2 PROVIDED AND/OR DISCOVERED BY: The vendor credits Jan Bervar, NIL Data Communications. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20070118-certs.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-0397 // JVNDB: JVNDB-2007-001419 // BID: 22111 // VULHUB: VHN-23759 // PACKETSTORM: 53759

AFFECTED PRODUCTS

vendor:	cisco	model:	security monitoring analysis and response system	scope:	eq	version:	4.2.3	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance device manager	scope:	eq	version:	5.2.53	Trust: 1.6
vendor:	cisco	model:	adaptive security device manager	scope:	lt	version:	5.2(2.54)	Trust: 0.8
vendor:	cisco	model:	security monitoring, analysis and response system	scope:	lt	version:	4.2.3	Trust: 0.8
vendor:	cisco	model:	adaptive security device manager	scope:	eq	version:	5.2.53	Trust: 0.6
vendor:	nortel	model:	networks contivity vpn switch	scope:	eq	version:	20004.1.3	Trust: 0.3
vendor:	nortel	model:	networks contivity vpn switch	scope:	eq	version:	20004.1.2	Trust: 0.3
vendor:	nortel	model:	networks contivity vpn switch	scope:	eq	version:	20004.1	Trust: 0.3
vendor:	cisco	model:	cs-mars	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	cisco	model:	cs-mars	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	cisco	model:	cs-mars	scope:	eq	version:	4.1.5	Trust: 0.3
vendor:	cisco	model:	asdm	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	cs-mars	scope:	ne	version:	4.2.3	Trust: 0.3
vendor:	cisco	model:	asdm	scope:	ne	version:	5.2	Trust: 0.3

sources: BID: 22111 // JVNDB: JVNDB-2007-001419 // CNNVD: CNNVD-200701-320 // NVD: CVE-2007-0397

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-0397
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-0397
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200701-320
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-23759
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-0397
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-23759
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-23759 // JVNDB: JVNDB-2007-001419 // CNNVD: CNNVD-200701-320 // NVD: CVE-2007-0397

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0397

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200701-320

TYPE

Design Error

Trust: 0.9

sources: BID: 22111 // CNNVD: CNNVD-200701-320

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001419

PATCH

title:

cisco-sa-20070118-certs

url:

http://www.cisco.com/en/US/products/csa/cisco-sa-20070118-certs.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-001419

EXTERNAL IDS

db:	NVD	id:	CVE-2007-0397	Trust: 2.5
db:	BID	id:	22111	Trust: 2.0
db:	SECUNIA	id:	23836	Trust: 1.8
db:	VUPEN	id:	ADV-2007-0245	Trust: 1.7
db:	SECTRACK	id:	1017536	Trust: 1.7
db:	SECTRACK	id:	1017535	Trust: 1.7
db:	OSVDB	id:	32720	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-001419	Trust: 0.8
db:	CNNVD	id:	CNNVD-200701-320	Trust: 0.7
db:	XF	id:	31567	Trust: 0.6
db:	CISCO	id:	20070118 SSL/TLS CERTIFICATE AND SSH PUBLIC KEY VALIDATION VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-23759	Trust: 0.1
db:	PACKETSTORM	id:	53759	Trust: 0.1

sources: VULHUB: VHN-23759 // BID: 22111 // JVNDB: JVNDB-2007-001419 // PACKETSTORM: 53759 // CNNVD: CNNVD-200701-320 // NVD: CVE-2007-0397

REFERENCES

url:	http://www.securityfocus.com/bid/22111	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a00807c517f.shtml	Trust: 1.7
url:	http://osvdb.org/32720	Trust: 1.7
url:	http://securitytracker.com/id?1017535	Trust: 1.7
url:	http://securitytracker.com/id?1017536	Trust: 1.7
url:	http://secunia.com/advisories/23836	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/0245	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/31567	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0397	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0397	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/31567	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2007/0245	Trust: 0.6
url:	http://www.cisco.com/warp/public/707/cisco-sa-20070118-certs.shtml	Trust: 0.4
url:	http://www.cisco.com/en/us/products/ps6121/index.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps6241/index.html	Trust: 0.3
url:	/archive/1/457291	Trust: 0.3
url:	http://www.cisco.com/pcgi-bin/tablebuild.pl/asa-interim?psrtdcat20e2	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/6780/	Trust: 0.1
url:	http://secunia.com/software_inspector/	Trust: 0.1
url:	http://secunia.com/advisories/23836/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/12574/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-mars?psrtdcat20e2	Trust: 0.1

sources: VULHUB: VHN-23759 // BID: 22111 // JVNDB: JVNDB-2007-001419 // PACKETSTORM: 53759 // CNNVD: CNNVD-200701-320 // NVD: CVE-2007-0397

CREDITS

Jan Bervar

Trust: 0.6

sources: CNNVD: CNNVD-200701-320

SOURCES

db:	VULHUB	id:	VHN-23759
db:	BID	id:	22111
db:	JVNDB	id:	JVNDB-2007-001419
db:	PACKETSTORM	id:	53759
db:	CNNVD	id:	CNNVD-200701-320
db:	NVD	id:	CVE-2007-0397

LAST UPDATE DATE

2024-11-23T22:54:10.727000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-23759	date:	2018-10-30T00:00:00
db:	BID	id:	22111	date:	2007-01-18T20:10:00
db:	JVNDB	id:	JVNDB-2007-001419	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200701-320	date:	2007-01-22T00:00:00
db:	NVD	id:	CVE-2007-0397	date:	2024-11-21T00:25:45.683

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-23759	date:	2007-01-20T00:00:00
db:	BID	id:	22111	date:	2007-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2007-001419	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	53759	date:	2007-01-20T00:09:28
db:	CNNVD	id:	CNNVD-200701-320	date:	2007-01-19T00:00:00
db:	NVD	id:	CVE-2007-0397	date:	2007-01-20T01:28:00