Sign-up

ID

VAR-200707-0108


CVE

CVE-2007-3923


TITLE

Cisco WAE Used by appliances Cisco WAAS of CIFS Denial of service in network optimization (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-002386

DESCRIPTION

The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445. Cisco Wide Area Application Services software is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause a device running the affected software to stop processing all types of traffic, effectively denying service to legitimate users. Cisco WAAS 4.0.7 and 4.0.9 are affected. NOTE: Only devices configured with Edge Services are vulnerable to this issue. There is a loophole in the implementation of WAAS, and a remote attacker may use this loophole to make the device unavailable. The CIFS function of WAAS software uses ports 139 and 445. This can be caused by network traffic sent directly to WAAS platforms or by automated systems such as host scanners, port scanners, or network worms. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. The vulnerability is caused due to an error in Edge Services, which uses CIFS optimisation, when handling packets sent to ports 139/TCP and 445/TCP. The vulnerability is reported in WAE appliances and the NM-WAE-502 network modules running WAAS versions 4.0.7 or 4.0.9. SOLUTION: Update to version 4.0.11. http://www.cisco.com/pcgi-bin/tablebuild.pl/waas40?psrtdcat20e2 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-3923 // JVNDB: JVNDB-2007-002386 // BID: 24956 // VULHUB: VHN-27285 // PACKETSTORM: 57878

AFFECTED PRODUCTS

vendor:ciscomodel:wide area application enginescope: - version: -

Trust: 1.4

vendor:ciscomodel:wide area application engine nm-wae-502scope: - version: -

Trust: 1.4

vendor:ciscomodel:wide area application servicesscope:eqversion:4.0.9

Trust: 1.3

vendor:ciscomodel:wide area application servicesscope:eqversion:4.0.7

Trust: 1.3

vendor:ciscomodel:wide area application services softwarescope:eqversion:4.0.7 and 4.0.9

Trust: 0.8

sources: BID: 24956 // JVNDB: JVNDB-2007-002386 // CNNVD: CNNVD-200707-379 // NVD: CVE-2007-3923

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-3923
value: HIGH

Trust: 1.0

NVD: CVE-2007-3923
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200707-379
value: HIGH

Trust: 0.6

VULHUB: VHN-27285
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-3923
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-27285
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-27285 // JVNDB: JVNDB-2007-002386 // CNNVD: CNNVD-200707-379 // NVD: CVE-2007-3923

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3923

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200707-379

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200707-379

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002386

PATCH
title:cisco-sa-20070718-waasurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070718-waas
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002386

EXTERNAL IDS
db:NVDid:CVE-2007-3923
Trust: 2.8
db:BIDid:24956
Trust: 2.0
db:SECUNIAid:26122
Trust: 1.8
db:VUPENid:ADV-2007-2572
Trust: 1.7
db:SECTRACKid:1018416
Trust: 1.7
db:OSVDBid:36120
Trust: 1.7
db:JVNDBid:JVNDB-2007-002386
Trust: 0.8
db:XFid:35477
Trust: 0.6
db:CISCOid:20070718 DENIAL OF SERVICE VULNERABILITY IN CISCO WIDE AREA APPLICATION SERVICES (WAAS) SOFTWARE
Trust: 0.6
db:CNNVDid:CNNVD-200707-379
Trust: 0.6
db:VULHUBid:VHN-27285
Trust: 0.1
db:PACKETSTORMid:57878
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27285 // 
            
            
            
            BID: 24956 // 
            
            
            
            JVNDB: JVNDB-2007-002386 // 
            
            
            
            PACKETSTORM: 57878 // 
            
            
            
            CNNVD: CNNVD-200707-379 // 
            
            
            
            NVD: CVE-2007-3923

REFERENCES
url:http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml
Trust: 2.1
url:http://www.securityfocus.com/bid/24956
Trust: 1.7
url:http://www.osvdb.org/36120
Trust: 1.7
url:http://www.securitytracker.com/id?1018416
Trust: 1.7
url:http://secunia.com/advisories/26122
Trust: 1.7
url:http://www.vupen.com/english/advisories/2007/2572
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35477
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3923
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3923
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/35477
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2007/2572
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:/archive/1/474007
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/network_software_inspector/
Trust: 0.1
url:http://www.cisco.com/pcgi-bin/tablebuild.pl/waas40?psrtdcat20e2
Trust: 0.1
url:http://secunia.com/product/12541/
Trust: 0.1
url:http://secunia.com/advisories/26122/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27285 // 
            
            
            
            BID: 24956 // 
            
            
            
            JVNDB: JVNDB-2007-002386 // 
            
            
            
            PACKETSTORM: 57878 // 
            
            
            
            CNNVD: CNNVD-200707-379 // 
            
            
            
            NVD: CVE-2007-3923

CREDITS
Cisco Security bulletin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200707-379

SOURCES
db:VULHUBid:VHN-27285
db:BIDid:24956
db:JVNDBid:JVNDB-2007-002386
db:PACKETSTORMid:57878
db:CNNVDid:CNNVD-200707-379
db:NVDid:CVE-2007-3923

LAST UPDATE DATE
2025-04-10T23:13:15.951000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-27285date:2017-07-29T00:00:00
db:BIDid:24956date:2015-05-07T17:36:00
db:JVNDBid:JVNDB-2007-002386date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200707-379date:2007-07-23T00:00:00
db:NVDid:CVE-2007-3923date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-27285date:2007-07-21T00:00:00
db:BIDid:24956date:2007-07-18T00:00:00
db:JVNDBid:JVNDB-2007-002386date:2012-06-26T00:00:00
db:PACKETSTORMid:57878date:2007-07-20T05:47:25
db:CNNVDid:CNNVD-200707-379date:2007-07-20T00:00:00
db:NVDid:CVE-2007-3923date:2007-07-21T00:30:00