Details of VAR-200902-0541

ID

VAR-200902-0541

CVE

CVE-2009-0625

TITLE

Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-001379

DESCRIPTION

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. Other attacks are also possible

Trust: 1.98

sources: NVD: CVE-2009-0625 // JVNDB: JVNDB-2009-001379 // BID: 33900 // VULHUB: VHN-38071

AFFECTED PRODUCTS

vendor:	cisco	model:	ace 4710	scope:	lte	version:	a1\(2.0\)	Trust: 1.0
vendor:	cisco	model:	application control engine module	scope:	lte	version:	a2\(1.1\)	Trust: 1.0
vendor:	cisco	model:	ace module a2	scope:	ne	version:	-	Trust: 0.9
vendor:	cisco	model:	ace 4710	scope:	lt	version:	a2(1.2)	Trust: 0.8
vendor:	cisco	model:	ace application control engine module	scope:	lt	version:	a1(8.0)	Trust: 0.8
vendor:	cisco	model:	ace appliance a1	scope:	ne	version:	4710	Trust: 0.6
vendor:	cisco	model:	ace 4710	scope:	eq	version:	a1\(2.0\)	Trust: 0.6
vendor:	cisco	model:	application control engine module	scope:	eq	version:	a2\(1.1\)	Trust: 0.6
vendor:	cisco	model:	application control engine module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ace module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ace appliance	scope:	eq	version:	47100	Trust: 0.3
vendor:	cisco	model:	ace appliance a3	scope:	ne	version:	4710	Trust: 0.3

sources: BID: 33900 // JVNDB: JVNDB-2009-001379 // CNNVD: CNNVD-200902-616 // NVD: CVE-2009-0625

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-0625
value:	HIGH
Trust: 1.0
NVD:	CVE-2009-0625
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200902-616
value:	HIGH
Trust: 0.6
VULHUB:	VHN-38071
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-0625
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-38071
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-38071 // JVNDB: JVNDB-2009-001379 // CNNVD: CNNVD-200902-616 // NVD: CVE-2009-0625

PROBLEMTYPE DATA

problemtype:

CWE-94

Trust: 1.9

sources: VULHUB: VHN-38071 // JVNDB: JVNDB-2009-001379 // NVD: CVE-2009-0625

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200902-616

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-200902-616

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001379

PATCH

title:

cisco-sa-20090225-ace

url:

http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml

Trust: 0.8

sources: JVNDB: JVNDB-2009-001379

EXTERNAL IDS

db:	NVD	id:	CVE-2009-0625	Trust: 2.8
db:	BID	id:	33900	Trust: 2.0
db:	SECTRACK	id:	1021769	Trust: 1.7
db:	JVNDB	id:	JVNDB-2009-001379	Trust: 0.8
db:	CISCO	id:	20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE	Trust: 0.6
db:	CNNVD	id:	CNNVD-200902-616	Trust: 0.6
db:	VULHUB	id:	VHN-38071	Trust: 0.1

sources: VULHUB: VHN-38071 // BID: 33900 // JVNDB: JVNDB-2009-001379 // CNNVD: CNNVD-200902-616 // NVD: CVE-2009-0625

REFERENCES

url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml	Trust: 2.0
url:	http://www.securityfocus.com/bid/33900	Trust: 1.7
url:	http://www.securitytracker.com/id?1021769	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0625	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0625	Trust: 0.8
url:	http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht	Trust: 0.3
url:	http://www.cisco.com	Trust: 0.3
url:	/archive/1/501237	Trust: 0.3

sources: VULHUB: VHN-38071 // BID: 33900 // JVNDB: JVNDB-2009-001379 // CNNVD: CNNVD-200902-616 // NVD: CVE-2009-0625

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200902-616

SOURCES

db:	VULHUB	id:	VHN-38071
db:	BID	id:	33900
db:	JVNDB	id:	JVNDB-2009-001379
db:	CNNVD	id:	CNNVD-200902-616
db:	NVD	id:	CVE-2009-0625

LAST UPDATE DATE

2025-04-10T22:56:39.292000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-38071	date:	2009-03-03T00:00:00
db:	BID	id:	33900	date:	2009-03-09T22:26:00
db:	JVNDB	id:	JVNDB-2009-001379	date:	2009-06-30T00:00:00
db:	CNNVD	id:	CNNVD-200902-616	date:	2009-03-03T00:00:00
db:	NVD	id:	CVE-2009-0625	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-38071	date:	2009-02-26T00:00:00
db:	BID	id:	33900	date:	2009-02-25T00:00:00
db:	JVNDB	id:	JVNDB-2009-001379	date:	2009-06-30T00:00:00
db:	CNNVD	id:	CNNVD-200902-616	date:	2009-02-26T00:00:00
db:	NVD	id:	CVE-2009-0625	date:	2009-02-26T16:17:20.217