Details of VAR-200710-0328

ID

VAR-200710-0328

CVE

CVE-2007-5570

TITLE

Cisco FWSM Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-002804

DESCRIPTION

Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844. Cisco Firewall Services Module (FWSM) is prone to multiple denial-of-service vulnerabilities and a vulnerability that could let attackers corrupt ACLs (access control lists). Three vulnerabilities were reported in total: 1. Specially crafted HTTPS may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service. 2. Specially crafted MGCP packets may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service. 3. Manipulating Access Control Entries (ACE) in the ACL via the command line or ASDM (Adaptive Security Device Manager) may inadvertently cause them to not be evaluated. This will corrupt ACLs. Cisco FWSM is a firewall service module on Cisco equipment. The source IP address and interface for receiving HTTPS requests must conform to the configured http <source IP> <source interface> command. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. 1) An unspecified error exists within the handling of HTTPS packets. Successful exploitation requires that the HTTPS server is enabled (disabled by default). 2) An unspecified error exists within the handling of Media Gateway Control Protocol (MGCP) packets. Successful exploitation requires that the MGCP application layer protocol inspection is enabled (disabled by default). NOTE: An error when loading manipulated ACLs (Access Control Lists) is also reported. SOLUTION: Update to a fixed version (please see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-5570 // JVNDB: JVNDB-2007-002804 // BID: 26109 // VULHUB: VHN-28932 // PACKETSTORM: 60221

AFFECTED PRODUCTS

vendor:	cisco	model:	firewall services module	scope:	lte	version:	3.2\(1\)	Trust: 1.0
vendor:	cisco	model:	firewall services module	scope:	lte	version:	3.1\(5\)	Trust: 1.0
vendor:	cisco	model:	firewall services module	scope:	gte	version:	3.1	Trust: 1.0
vendor:	cisco	model:	firewall services module	scope:	gte	version:	3.2	Trust: 1.0
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.2(1)	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	lte	version:	3.1(5)	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.2\(1\)	Trust: 0.6
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1\(5\)	Trust: 0.6
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.2(2)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(6)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(4)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.24)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(1.9)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(1.7)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.3)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.2)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.18)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.11)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1(3.1)	Trust: 0.3
vendor:	cisco	model:	firewall services module	scope:	eq	version:	3.1	Trust: 0.3

sources: BID: 26109 // JVNDB: JVNDB-2007-002804 // CNNVD: CNNVD-200710-385 // NVD: CVE-2007-5570

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-5570
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-5570
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200710-385
value:	HIGH
Trust: 0.6
VULHUB:	VHN-28932
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-5570
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-28932
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-28932 // JVNDB: JVNDB-2007-002804 // CNNVD: CNNVD-200710-385 // NVD: CVE-2007-5570

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-28932 // JVNDB: JVNDB-2007-002804 // NVD: CVE-2007-5570

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200710-385

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-200710-385

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002804

PATCH

title:

cisco-sa-20071017-fwsm

url:

http://www.cisco.com/en/US/products/csa/cisco-sa-20071017-fwsm.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-002804

EXTERNAL IDS

db:	NVD	id:	CVE-2007-5570	Trust: 2.8
db:	BID	id:	26109	Trust: 2.0
db:	SECUNIA	id:	27236	Trust: 1.8
db:	VUPEN	id:	ADV-2007-3530	Trust: 1.7
db:	SECTRACK	id:	1018825	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-002804	Trust: 0.8
db:	NSFOCUS	id:	11047	Trust: 0.6
db:	CNNVD	id:	CNNVD-200710-385	Trust: 0.6
db:	VULHUB	id:	VHN-28932	Trust: 0.1
db:	PACKETSTORM	id:	60221	Trust: 0.1

sources: VULHUB: VHN-28932 // BID: 26109 // JVNDB: JVNDB-2007-002804 // PACKETSTORM: 60221 // CNNVD: CNNVD-200710-385 // NVD: CVE-2007-5570

REFERENCES

url:	http://www.securityfocus.com/bid/26109	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a00808dda61.shtml	Trust: 1.7
url:	http://www.securitytracker.com/id?1018825	Trust: 1.7
url:	http://secunia.com/advisories/27236	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/3530	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/37251	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5570	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5570	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5570	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/11047	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3
url:	/archive/1/482436	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml#@id	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/network_software_inspector/	Trust: 0.1
url:	http://secunia.com/product/8614/	Trust: 0.1
url:	http://secunia.com/advisories/27236/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-28932 // BID: 26109 // JVNDB: JVNDB-2007-002804 // PACKETSTORM: 60221 // CNNVD: CNNVD-200710-385 // NVD: CVE-2007-5570

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200710-385

SOURCES

db:	VULHUB	id:	VHN-28932
db:	BID	id:	26109
db:	JVNDB	id:	JVNDB-2007-002804
db:	PACKETSTORM	id:	60221
db:	CNNVD	id:	CNNVD-200710-385
db:	NVD	id:	CVE-2007-5570

LAST UPDATE DATE

2024-11-23T22:19:38.132000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-28932	date:	2019-08-01T00:00:00
db:	BID	id:	26109	date:	2007-11-15T00:39:00
db:	JVNDB	id:	JVNDB-2007-002804	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200710-385	date:	2019-08-02T00:00:00
db:	NVD	id:	CVE-2007-5570	date:	2024-11-21T00:38:12.547

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-28932	date:	2007-10-18T00:00:00
db:	BID	id:	26109	date:	2007-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2007-002804	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	60221	date:	2007-10-19T15:32:30
db:	CNNVD	id:	CNNVD-200710-385	date:	2007-10-18T00:00:00
db:	NVD	id:	CVE-2007-5570	date:	2007-10-18T21:17:00