Details of VAR-201610-0288

ID

VAR-201610-0288

CVE

CVE-2016-6439

TITLE

Cisco Firepower System software HTTP Denial of service in restructuring packet detection engine (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005694

DESCRIPTION

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Vendors have confirmed this vulnerability Bug ID CSCux61630 It is released as.Service disruption by a third party (DoS) There is a possibility of being put into a state. Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition. This issue is being tracked by Cisco bug ID CSCux61630. Cisco Firepower System Software is a next-generation firewall product (NGFW) of Cisco (Cisco). The following products running Cisco Firepower System Software Releases 5.4.1.5, 6.0, and 6.0.0.1 are affected: Cisco Adaptive Security Appliance 5500-X Series with FirePOWER Services, Advanced Malware Protection for Networks, 7000 Series Appliances, Advanced Malware Protection for Networks, 8000 Series Appliances , Firepower 4100 Series Security Appliances , FirePOWER 7000 Series Appliances , FirePOWER 8000 Series Appliances , Firepower 9300 Series Security Appliances , FirePOWER Threat Defense for Integrated Services Routers , Sourcefire 3D System Appliances , Virtual Next-Generation Intrusion Prevention System for VMware

Trust: 1.98

sources: NVD: CVE-2016-6439 // JVNDB: JVNDB-2016-005694 // BID: 93787 // VULHUB: VHN-95259

AFFECTED PRODUCTS

vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.1.6	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.0.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.0.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.4	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0_base	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.5	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.6	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.1.1	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.1.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.0.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.1.5	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4_base	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.0.4	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.3.1.4	Trust: 1.0
vendor:	cisco	model:	firepower system	scope:	eq	version:	6.1.0	Trust: 0.8
vendor:	cisco	model:	firepower system	scope:	eq	version:	6.0.1	Trust: 0.8
vendor:	cisco	model:	firepower system	scope:	lt	version:	6.0	Trust: 0.8
vendor:	cisco	model:	firepower system	scope:	lt	version:	6.0.0.1	Trust: 0.8
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.0.2	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.1.1	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.1.5	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.1.2	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.0.4	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.1.4	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.0.1	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.1.6	Trust: 0.6
vendor:	cisco	model:	virtual next-generation intrusion prevention system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	sourcefire 3d system appliances	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	industrial security appliance	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense for integrated services routers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0.0.1	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	5.4.1.5	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	eq	version:	5.4.0.6	Trust: 0.3
vendor:	cisco	model:	firepower series security appliances	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	80000	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	firepower series security appliances	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	advanced malware protection for networks series appli	scope:	eq	version:	80000	Trust: 0.3
vendor:	cisco	model:	advanced malware protection for networks series appli	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance series with firepower s	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	ne	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	ne	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	ne	version:	5.4.1.6	Trust: 0.3
vendor:	cisco	model:	firepower system software	scope:	ne	version:	5.4.0.7	Trust: 0.3

sources: BID: 93787 // JVNDB: JVNDB-2016-005694 // CNNVD: CNNVD-201610-562 // NVD: CVE-2016-6439

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6439
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6439
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201610-562
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95259
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6439
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-95259
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6439
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-95259 // JVNDB: JVNDB-2016-005694 // CNNVD: CNNVD-201610-562 // NVD: CVE-2016-6439

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95259 // JVNDB: JVNDB-2016-005694 // NVD: CVE-2016-6439

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-562

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201610-562

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005694

PATCH

title:	cisco-sa-20161019-fpsnort	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort	Trust: 0.8
title:	Cisco Firepower System Software Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65007	Trust: 0.6

sources: JVNDB: JVNDB-2016-005694 // CNNVD: CNNVD-201610-562

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6439	Trust: 2.8
db:	BID	id:	93787	Trust: 2.0
db:	SECTRACK	id:	1037061	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-005694	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-562	Trust: 0.7
db:	VULHUB	id:	VHN-95259	Trust: 0.1

sources: VULHUB: VHN-95259 // BID: 93787 // JVNDB: JVNDB-2016-005694 // CNNVD: CNNVD-201610-562 // NVD: CVE-2016-6439

REFERENCES

url:	http://www.securityfocus.com/bid/93787	Trust: 1.7
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161019-fpsnort	Trust: 1.7
url:	http://www.securitytracker.com/id/1037061	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6439	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6439	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161019-fpsnort	Trust: 0.3

sources: VULHUB: VHN-95259 // BID: 93787 // JVNDB: JVNDB-2016-005694 // CNNVD: CNNVD-201610-562 // NVD: CVE-2016-6439

CREDITS

Cisco

Trust: 0.9

sources: BID: 93787 // CNNVD: CNNVD-201610-562

SOURCES

db:	VULHUB	id:	VHN-95259
db:	BID	id:	93787
db:	JVNDB	id:	JVNDB-2016-005694
db:	CNNVD	id:	CNNVD-201610-562
db:	NVD	id:	CVE-2016-6439

LAST UPDATE DATE

2024-11-27T23:05:02.744000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-95259	date:	2017-07-29T00:00:00
db:	BID	id:	93787	date:	2016-11-24T09:03:00
db:	JVNDB	id:	JVNDB-2016-005694	date:	2016-11-04T00:00:00
db:	CNNVD	id:	CNNVD-201610-562	date:	2016-11-15T00:00:00
db:	NVD	id:	CVE-2016-6439	date:	2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-95259	date:	2016-10-27T00:00:00
db:	BID	id:	93787	date:	2016-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2016-005694	date:	2016-11-04T00:00:00
db:	CNNVD	id:	CNNVD-201610-562	date:	2016-10-25T00:00:00
db:	NVD	id:	CVE-2016-6439	date:	2016-10-27T21:59:11.093