Details of VAR-200902-0540

ID

VAR-200902-0540

CVE

CVE-2009-0624

TITLE

Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance of SNMPv2c Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-001380

DESCRIPTION

Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. Other attacks are also possible. Remote authentication users can cause denial of service by constructing SNMPv1 packets

Trust: 1.98

sources: NVD: CVE-2009-0624 // JVNDB: JVNDB-2009-001380 // BID: 33900 // VULHUB: VHN-38070

AFFECTED PRODUCTS

vendor:	cisco	model:	application control engine module	scope:	eq	version:	1.1	Trust: 1.6
vendor:	cisco	model:	ace 4710	scope:	eq	version:	a1\(2.0\)	Trust: 1.6
vendor:	cisco	model:	ace 4710	scope:	eq	version:	a1\(8.0\)	Trust: 1.6
vendor:	cisco	model:	application control engine module	scope:	eq	version:	1.0	Trust: 1.6
vendor:	cisco	model:	ace 4710	scope:	eq	version:	a3\(1.0\)	Trust: 1.6
vendor:	cisco	model:	application control engine module	scope:	lte	version:	1.2	Trust: 1.0
vendor:	cisco	model:	ace 4710	scope:	lte	version:	a3\(2.0\)	Trust: 1.0
vendor:	cisco	model:	ace module a2	scope:	ne	version:	-	Trust: 0.9
vendor:	cisco	model:	ace 4710	scope:	lt	version:	a2(1.3)	Trust: 0.8
vendor:	cisco	model:	ace application control engine module	scope:	lt	version:	a3(2.1)	Trust: 0.8
vendor:	cisco	model:	ace appliance a1	scope:	ne	version:	4710	Trust: 0.6
vendor:	cisco	model:	application control engine module	scope:	eq	version:	1.2	Trust: 0.6
vendor:	cisco	model:	ace 4710	scope:	eq	version:	a3\(2.0\)	Trust: 0.6
vendor:	cisco	model:	application control engine module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ace module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ace appliance	scope:	eq	version:	47100	Trust: 0.3
vendor:	cisco	model:	ace appliance a3	scope:	ne	version:	4710	Trust: 0.3

sources: BID: 33900 // JVNDB: JVNDB-2009-001380 // CNNVD: CNNVD-200902-615 // NVD: CVE-2009-0624

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-0624
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-0624
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200902-615
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-38070
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-0624
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-38070
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-38070 // JVNDB: JVNDB-2009-001380 // CNNVD: CNNVD-200902-615 // NVD: CVE-2009-0624

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2009-001380 // NVD: CVE-2009-0624

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200902-615

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200902-615

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001380

PATCH

title:

cisco-sa-20090225-ace

url:

http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml

Trust: 0.8

sources: JVNDB: JVNDB-2009-001380

EXTERNAL IDS

db:	NVD	id:	CVE-2009-0624	Trust: 2.8
db:	BID	id:	33900	Trust: 2.0
db:	SECTRACK	id:	1021769	Trust: 1.7
db:	JVNDB	id:	JVNDB-2009-001380	Trust: 0.8
db:	CISCO	id:	20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE	Trust: 0.6
db:	CNNVD	id:	CNNVD-200902-615	Trust: 0.6
db:	VULHUB	id:	VHN-38070	Trust: 0.1

sources: VULHUB: VHN-38070 // BID: 33900 // JVNDB: JVNDB-2009-001380 // CNNVD: CNNVD-200902-615 // NVD: CVE-2009-0624

REFERENCES

url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml	Trust: 2.0
url:	http://www.securityfocus.com/bid/33900	Trust: 1.7
url:	http://www.securitytracker.com/id?1021769	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0624	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0624	Trust: 0.8
url:	http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht	Trust: 0.3
url:	http://www.cisco.com	Trust: 0.3
url:	/archive/1/501237	Trust: 0.3

sources: VULHUB: VHN-38070 // BID: 33900 // JVNDB: JVNDB-2009-001380 // CNNVD: CNNVD-200902-615 // NVD: CVE-2009-0624

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200902-615

SOURCES

db:	VULHUB	id:	VHN-38070
db:	BID	id:	33900
db:	JVNDB	id:	JVNDB-2009-001380
db:	CNNVD	id:	CNNVD-200902-615
db:	NVD	id:	CVE-2009-0624

LAST UPDATE DATE

2024-11-23T21:56:40.531000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-38070	date:	2009-03-03T00:00:00
db:	BID	id:	33900	date:	2009-03-09T22:26:00
db:	JVNDB	id:	JVNDB-2009-001380	date:	2009-06-30T00:00:00
db:	CNNVD	id:	CNNVD-200902-615	date:	2009-03-03T00:00:00
db:	NVD	id:	CVE-2009-0624	date:	2024-11-21T01:00:32.883

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-38070	date:	2009-02-26T00:00:00
db:	BID	id:	33900	date:	2009-02-25T00:00:00
db:	JVNDB	id:	JVNDB-2009-001380	date:	2009-06-30T00:00:00
db:	CNNVD	id:	CNNVD-200902-615	date:	2009-02-26T00:00:00
db:	NVD	id:	CVE-2009-0624	date:	2009-02-26T16:17:20.187