Details of VAR-E-200709-0584

ID

VAR-E-200709-0584

CVE

cve_id:

CVE-2007-5134

Trust: 0.3

sources: BID: 25822

TITLE

Cisco Catalyst 6500 and Cisco 7600 Loopback Access Control Bypass Vulnerability

Trust: 0.3

sources: BID: 25822

DESCRIPTION

Cisco Catalyst 6500 and Cisco 7600 devices are prone to a vulnerability that may allow attackers to bypass access control lists (ACL).
Attackers may leverage this issue to access a device from an unauthorized remote location; this may aid in further attacks.

Trust: 0.3

sources: BID: 25822

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	76003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	76003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	76003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	76002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	76002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	76002.1	Trust: 0.3
vendor:	cisco	model:	catalyst sup720/msfc3	scope:	eq	version:	7600	Trust: 0.3
vendor:	cisco	model:	catalyst sup2/msfc2	scope:	eq	version:	7600	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	65007.6(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	65007.5(1)	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	65005.4.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	65003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	65003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	65003.1	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-2	scope:	eq	version:	65002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-svc-nam-1	scope:	eq	version:	65002.2	Trust: 0.3
vendor:	cisco	model:	catalyst ws-x6380-nam	scope:	eq	version:	65002.1	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	6500	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	7600	Trust: 0.3

sources: BID: 25822

EXPLOIT

To exploit this issue, attackers may use readily available network utilities.

Trust: 0.3

sources: BID: 25822

PRICE

Free

Trust: 0.3

sources: BID: 25822

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 25822

CREDITS

The vendor credits Lee E. Rian with the discovery of this vulnerability.

Trust: 0.3

sources: BID: 25822

EXTERNAL IDS

db:	NVD	id:	CVE-2007-5134	Trust: 0.3
db:	BID	id:	25822	Trust: 0.3

sources: BID: 25822

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sr-20070926-lb.shtml	Trust: 0.3
url:	http://www.cisco.com/en/us/products/hw/switches/index.html	Trust: 0.3

sources: BID: 25822

SOURCES

db:

BID

id:

25822

LAST UPDATE DATE

2022-07-27T09:34:02.884000+00:00

SOURCES UPDATE DATE

db:

BID

id:

25822

date:

2015-05-07T17:35:00

SOURCES RELEASE DATE

db:

BID

id:

25822

date:

2007-09-26T00:00:00