Details of VAR-201110-0167

ID

VAR-201110-0167

CVE

CVE-2011-2060

TITLE

Cisco Adaptive Security Appliances (ASA) 5500 'platform-sw' Local Denial of Service Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2011-4505 // BID: 50378

DESCRIPTION

The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted description, aka Bug ID CSCtq50523. The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A local attacker can exploit this issue to crash the vulnerable device, resulting in denial-of-service conditions. This issue is being tracked by Cisco bug ID CSCtq50523. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more

Trust: 2.52

sources: NVD: CVE-2011-2060 // JVNDB: JVNDB-2011-002600 // CNVD: CNVD-2011-4505 // BID: 50378 // VULHUB: VHN-50005

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2011-4505

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1.11\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(5\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(5\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.4\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(0\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.16\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.10\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(6.7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(1\)	Trust: 1.0
vendor:	cisco	model:	5500 series adaptive security appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(6\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.18\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.48\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.15\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.19\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5.2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(8\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3.9\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.8\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.17\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1.22\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.14\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	5500 series \u3000 software 8.4(2.1)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	5500 series \u3000 software 8.3(2.20)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	5500 series \u3000 software 8.2(5.3)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	8.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	8.3	Trust: 0.8
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2x	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3x	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4x	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(1.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.18)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.13)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.8)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.6)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(0.08)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(4.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.19)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.17)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.13)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.16)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.15)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	ne	version:	55008.4(2.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	ne	version:	55008.3(2.20)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	ne	version:	55008.2(5.3)	Trust: 0.3

sources: CNVD: CNVD-2011-4505 // BID: 50378 // JVNDB: JVNDB-2011-002600 // CNNVD: CNNVD-201110-569 // NVD: CVE-2011-2060

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-2060
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-2060
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201110-569
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-50005
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-2060
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-50005
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-50005 // JVNDB: JVNDB-2011-002600 // CNNVD: CNNVD-201110-569 // NVD: CVE-2011-2060

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-50005 // JVNDB: JVNDB-2011-002600 // NVD: CVE-2011-2060

THREAT TYPE

local

Trust: 0.9

sources: BID: 50378 // CNNVD: CNNVD-201110-569

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201110-569

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002600

PATCH

title:	asarn84	url:	http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html	Trust: 0.8
title:	Patch for Cisco Adaptive Security Appliances (ASA) 5500 'platform-sw' Local Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/5662	Trust: 0.6

sources: CNVD: CNVD-2011-4505 // JVNDB: JVNDB-2011-002600

EXTERNAL IDS

db:	NVD	id:	CVE-2011-2060	Trust: 3.4
db:	JVNDB	id:	JVNDB-2011-002600	Trust: 0.8
db:	CNNVD	id:	CNNVD-201110-569	Trust: 0.7
db:	CNVD	id:	CNVD-2011-4505	Trust: 0.6
db:	NSFOCUS	id:	18039	Trust: 0.6
db:	BID	id:	50378	Trust: 0.4
db:	VULHUB	id:	VHN-50005	Trust: 0.1

sources: CNVD: CNVD-2011-4505 // VULHUB: VHN-50005 // BID: 50378 // JVNDB: JVNDB-2011-002600 // CNNVD: CNNVD-201110-569 // NVD: CVE-2011-2060

REFERENCES

url:	http://www.cisco.com/en/us/docs/security/asa/asa84/release/notes/asarn84.html	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2060	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2060	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/18039	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3

sources: CNVD: CNVD-2011-4505 // VULHUB: VHN-50005 // BID: 50378 // JVNDB: JVNDB-2011-002600 // CNNVD: CNNVD-201110-569 // NVD: CVE-2011-2060

CREDITS

Cisco

Trust: 0.3

sources: BID: 50378

SOURCES

db:	CNVD	id:	CNVD-2011-4505
db:	VULHUB	id:	VHN-50005
db:	BID	id:	50378
db:	JVNDB	id:	JVNDB-2011-002600
db:	CNNVD	id:	CNNVD-201110-569
db:	NVD	id:	CVE-2011-2060

LAST UPDATE DATE

2024-11-23T23:06:28.318000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-4505	date:	2011-10-27T00:00:00
db:	VULHUB	id:	VHN-50005	date:	2012-05-13T00:00:00
db:	BID	id:	50378	date:	2011-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2011-002600	date:	2011-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201110-569	date:	2011-10-24T00:00:00
db:	NVD	id:	CVE-2011-2060	date:	2024-11-21T01:27:31.360

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-4505	date:	2011-10-27T00:00:00
db:	VULHUB	id:	VHN-50005	date:	2011-10-22T00:00:00
db:	BID	id:	50378	date:	2011-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2011-002600	date:	2011-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201110-569	date:	2011-10-24T00:00:00
db:	NVD	id:	CVE-2011-2060	date:	2011-10-22T02:59:19.370