ID

VAR-200712-0413


CVE

CVE-2007-5584


TITLE

Cisco FWSM Denial-of-Service (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-002811

DESCRIPTION

Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7 Application Inspections." An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. Repeated attacks will result in a prolonged denial-of-service condition. Cisco FWSM is a firewall service module on Cisco equipment. The vulnerability can be triggered by standard network traffic passing through the application-layer protocol inspection process. Even if the user does not launch a deliberate attack, packets that meet the conditions may unintentionally trigger this vulnerability. This can be exploited to cause a crash and reload the FWSM via specially crafted network traffic. The vulnerability is reported in FWSM System Software version 3.2(3).

SOLUTION: Update to FWSM software version 3.2(4) (available approximately 2007-12-31). Apply vendor workaround (see vendor advisory for details).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20071219-fwsm.shtml

Trust: 2.07

sources: NVD: CVE-2007-5584 // JVNDB: JVNDB-2007-002811 // BID: 26941 // VULHUB: VHN-28946 // PACKETSTORM: 61993

AFFECTED PRODUCTS

vendor: cisco // model: firewall services module // scope: eq // version: 3.2(3)

Trust: 1.1

vendor: cisco // model: firewall services module // scope: eq // version: 3.2\(3\)

Trust: 1.0

vendor: cisco // model: catalyst 6500 // scope: - // version: -

Trust: 0.6

vendor: cisco // model: 7600 router // scope: - // version: -

Trust: 0.6

vendor: cisco // model: pix series security appliance // scope: ne // version: 5007.1

Trust: 0.3

vendor: cisco // model: pix series security appliance // scope: ne // version: 5007.0

Trust: 0.3

vendor: cisco // model: firewall services module // scope: ne // version: 3.2(2)

Trust: 0.3

vendor: cisco // model: firewall services module // scope: ne // version: 3.1

Trust: 0.3

vendor: cisco // model: firewall services module // scope: ne // version: 2.x

Trust: 0.3

vendor: cisco // model: firewall services module // scope: ne // version: 1.x

Trust: 0.3

vendor: cisco // model: asa series adaptive security appliance // scope: ne // version: 55007.1

Trust: 0.3

vendor: cisco // model: asa series adaptive security appliance // scope: ne // version: 55007.0

Trust: 0.3

sources: BID: 26941 // JVNDB: JVNDB-2007-002811 // NVD: CVE-2007-5584 // CNNVD: CNNVD-200712-217

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2007-5584
value: HIGH

Trust: 1.8

CNNVD: CNNVD-200712-217
value: HIGH

Trust: 0.6

VULHUB: VHN-28946
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2007-5584
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-28946
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28946 // JVNDB: JVNDB-2007-002811 // NVD: CVE-2007-5584 // CNNVD: CNNVD-200712-217

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-DesignError

Trust: 0.8

sources: JVNDB: JVNDB-2007-002811 // NVD: CVE-2007-5584

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200712-217

TYPE

design error

Trust: 0.6

sources: CNNVD: CNNVD-200712-217

CONFIGURATIONS

sources: NVD: CVE-2007-5584

PATCH

title: cisco-sa-20071219-fwsm // url: http://www.cisco.com/en/us/products/csa/cisco-sa-20071219-fwsm.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-002811

EXTERNAL IDS

db: NVD // id: CVE-2007-5584

Trust: 2.8

db: BID // id: 26941

Trust: 2.0

db: SECUNIA // id: 28175

Trust: 1.8

db: OSVDB // id: 39298

Trust: 1.7

db: VUPEN // id: ADV-2007-4270

Trust: 1.7

db: SECTRACK // id: 1019120

Trust: 1.7

db: JVNDB // id: JVNDB-2007-002811

Trust: 0.8

db: CISCO // id: 20071219 APPLICATION INSPECTION VULNERABILITY IN CISCO FIREWALL SERVICES MODULE

Trust: 0.6

db: NSFOCUS // id: 11296

Trust: 0.6

db: XF // id: 39135

Trust: 0.6

db: CNNVD // id: CNNVD-200712-217

Trust: 0.6

db: VULHUB // id: VHN-28946

Trust: 0.1

db: PACKETSTORM // id: 61993

Trust: 0.1

sources: VULHUB: VHN-28946 // BID: 26941 // JVNDB: JVNDB-2007-002811 // PACKETSTORM: 61993 // NVD: CVE-2007-5584 // CNNVD: CNNVD-200712-217

REFERENCES

url:http://www.securityfocus.com/bid/26941

Trust: 1.7

url:http://www.cisco.com/en/us/products/products_security_advisory09186a008091b11d.shtml

Trust: 1.7

url:http://www.osvdb.org/39298

Trust: 1.7

url:http://www.securitytracker.com/id?1019120

Trust: 1.7

url:http://secunia.com/advisories/28175

Trust: 1.7

url:http://www.vupen.com/english/advisories/2007/4270

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/39135

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5584

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5584

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/39135

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2007/4270

Trust: 0.6

url:http://www.nsfocus.net/vulndb/11296

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

url:/archive/1/485320

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:https://psi.secunia.com/?page=changelog

Trust: 0.1

url:https://psi.secunia.com/

Trust: 0.1

url:http://secunia.com/advisories/28175/

Trust: 0.1

url:http://secunia.com/product/8614/

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20071219-fwsm.shtml

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-28946 // BID: 26941 // JVNDB: JVNDB-2007-002811 // PACKETSTORM: 61993 // NVD: CVE-2007-5584 // CNNVD: CNNVD-200712-217

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200712-217

SOURCES

db: VULHUB // id: VHN-28946
db: BID // id: 26941
db: JVNDB // id: JVNDB-2007-002811
db: PACKETSTORM // id: 61993
db: NVD // id: CVE-2007-5584
db: CNNVD // id: CNNVD-200712-217

LAST UPDATE DATE

2023-12-18T13:45:05.135000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-28946 // date: 2017-07-29T00:00:00
db: BID // id: 26941 // date: 2007-12-20T18:31:00
db: JVNDB // id: JVNDB-2007-002811 // date: 2012-06-26T00:00:00
db: NVD // id: CVE-2007-5584 // date: 2017-07-29T01:33:44.663
db: CNNVD // id: CNNVD-200712-217 // date: 2007-12-20T00:00:00

SOURCES RELEASE DATE

db: VULHUB // id: VHN-28946 // date: 2007-12-20T00:00:00
db: BID // id: 26941 // date: 2007-12-19T00:00:00
db: JVNDB // id: JVNDB-2007-002811 // date: 2012-06-26T00:00:00
db: PACKETSTORM // id: 61993 // date: 2007-12-24T18:50:38
db: NVD // id: CVE-2007-5584 // date: 2007-12-20T02:46:00
db: CNNVD // id: CNNVD-200712-217 // date: 2007-12-19T00:00:00