Sign-up

ID

VAR-200709-0429


CVE

CVE-2007-4654


TITLE

Cisco CSS series 11000 Device Cisco WebNS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002579

DESCRIPTION

Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. Sshield is prone to a denial-of-service vulnerability

Trust: 1.98

sources: NVD: CVE-2007-4654 // JVNDB: JVNDB-2007-002579 // BID: 85398 // VULHUB: VHN-28016

AFFECTED PRODUCTS

vendor:teamf1model:sshieldscope:eqversion:1.6.1

Trust: 2.1

vendor:openbsdmodel:opensshscope:eqversion:3.0.2p1

Trust: 1.8

vendor:ciscomodel:webnsscope:eqversion:8.20.0.1

Trust: 1.8

vendor:ciscomodel:content services switch 11000scope: - version: -

Trust: 1.4

vendor:openbsdmodel:openssh p1scope:eqversion:3.0.2

Trust: 0.3

sources: BID: 85398 // JVNDB: JVNDB-2007-002579 // CNNVD: CNNVD-200709-025 // NVD: CVE-2007-4654

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4654
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-4654
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200709-025
value: MEDIUM

Trust: 0.6

VULHUB: VHN-28016
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-4654
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-28016
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28016 // JVNDB: JVNDB-2007-002579 // CNNVD: CNNVD-200709-025 // NVD: CVE-2007-4654

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-28016 // JVNDB: JVNDB-2007-002579 // NVD: CVE-2007-4654

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200709-025

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200709-025

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002579

PATCH
title:Top Pageurl:http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps792/product_data_sheet0900aecd800f851e_ps4565_Products_Data_Sheet.html
Trust: 0.8
title:Top Pageurl:http://www.openssh.com/
Trust: 0.8
title:Top Pageurl:http://www.teamf1.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002579

EXTERNAL IDS
db:NVDid:CVE-2007-4654
Trust: 2.8
db:SREASONid:3091
Trust: 2.0
db:OSVDBid:45873
Trust: 1.7
db:XFid:44542
Trust: 0.9
db:JVNDBid:JVNDB-2007-002579
Trust: 0.8
db:BUGTRAQid:20070830 CISCO CSS WEBNS SSH CRASH
Trust: 0.6
db:CNNVDid:CNNVD-200709-025
Trust: 0.6
db:BIDid:85398
Trust: 0.4
db:VULHUBid:VHN-28016
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28016 // 
            
            
            
            BID: 85398 // 
            
            
            
            JVNDB: JVNDB-2007-002579 // 
            
            
            
            CNNVD: CNNVD-200709-025 // 
            
            
            
            NVD: CVE-2007-4654

REFERENCES
url:http://securityreason.com/securityalert/3091
Trust: 2.0
url:http://osvdb.org/45873
Trust: 1.7
url:http://www.securityfocus.com/archive/1/478165/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/44542
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/44542
Trust: 0.9
url:http://www.securityfocus.com/archive/1/archive/1/478165/100/0/threaded
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4654
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4654
Trust: 0.8
sources:
            
            
            VULHUB: VHN-28016 // 
            
            
            
            BID: 85398 // 
            
            
            
            JVNDB: JVNDB-2007-002579 // 
            
            
            
            CNNVD: CNNVD-200709-025 // 
            
            
            
            NVD: CVE-2007-4654

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85398

SOURCES
db:VULHUBid:VHN-28016
db:BIDid:85398
db:JVNDBid:JVNDB-2007-002579
db:CNNVDid:CNNVD-200709-025
db:NVDid:CVE-2007-4654

LAST UPDATE DATE
2024-11-23T22:50:14.091000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28016date:2018-10-15T00:00:00
db:BIDid:85398date:2007-09-04T00:00:00
db:JVNDBid:JVNDB-2007-002579date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-025date:2007-09-06T00:00:00
db:NVDid:CVE-2007-4654date:2024-11-21T00:36:07.407

SOURCES RELEASE DATE
db:VULHUBid:VHN-28016date:2007-09-04T00:00:00
db:BIDid:85398date:2007-09-04T00:00:00
db:JVNDBid:JVNDB-2007-002579date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-025date:2007-09-04T00:00:00
db:NVDid:CVE-2007-4654date:2007-09-04T22:17:00