Details of VAR-201108-0016

ID

VAR-201108-0016

CVE

CVE-2011-1625

TITLE

Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-003153

DESCRIPTION

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629. Cisco IOS Service disruption when the data link switching function is set ( Device crash ) There is a vulnerability that becomes a condition. The problem is Bug IDs CSCtf74999 It is a problem. Cisco IOS is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to crash the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtf74999. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment

Trust: 1.98

sources: NVD: CVE-2011-1625 // JVNDB: JVNDB-2011-003153 // BID: 49286 // VULHUB: VHN-49570

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	15.0	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 2.7
vendor:	cisco	model:	ios 12.2 sy	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 scf	scope:	ne	version:	-	Trust: 0.3

sources: BID: 49286 // JVNDB: JVNDB-2011-003153 // CNNVD: CNNVD-201108-346 // NVD: CVE-2011-1625

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-1625
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-1625
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201108-346
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-49570
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-1625
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-49570
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-49570 // JVNDB: JVNDB-2011-003153 // CNNVD: CNNVD-201108-346 // NVD: CVE-2011-1625

PROBLEMTYPE DATA

problemtype:

CWE-362

Trust: 1.9

sources: VULHUB: VHN-49570 // JVNDB: JVNDB-2011-003153 // NVD: CVE-2011-1625

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201108-346

TYPE

competitive condition

Trust: 0.6

sources: CNNVD: CNNVD-201108-346

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003153

PATCH

title:

Cisco uBR7200 Router Release Notes for Cisco IOS Release 12.2(33)SCF

url:

http://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_SCF/caveats.html

Trust: 0.8

sources: JVNDB: JVNDB-2011-003153

EXTERNAL IDS

db:	NVD	id:	CVE-2011-1625	Trust: 2.8
db:	JVNDB	id:	JVNDB-2011-003153	Trust: 0.8
db:	CNNVD	id:	CNNVD-201108-346	Trust: 0.7
db:	NSFOCUS	id:	17604	Trust: 0.6
db:	BID	id:	49286	Trust: 0.4
db:	VULHUB	id:	VHN-49570	Trust: 0.1

sources: VULHUB: VHN-49570 // BID: 49286 // JVNDB: JVNDB-2011-003153 // CNNVD: CNNVD-201108-346 // NVD: CVE-2011-1625

REFERENCES

url:	http://www.cisco.com/en/us/docs/cable/cmts/release/notes/12_2sc/ubr7200/122_33_scf/caveats.html	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1625	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1625	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/17604	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3
url:	http://www.cisco.com/en/us/docs/switches/lan/catalyst6500/ios/12.2sy/release/notes/ol_20679.html	Trust: 0.3

sources: VULHUB: VHN-49570 // BID: 49286 // JVNDB: JVNDB-2011-003153 // CNNVD: CNNVD-201108-346 // NVD: CVE-2011-1625

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 49286

SOURCES

db:	VULHUB	id:	VHN-49570
db:	BID	id:	49286
db:	JVNDB	id:	JVNDB-2011-003153
db:	CNNVD	id:	CNNVD-201108-346
db:	NVD	id:	CVE-2011-1625

LAST UPDATE DATE

2025-04-11T23:13:00.542000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-49570	date:	2012-03-15T00:00:00
db:	BID	id:	49286	date:	2011-09-26T18:50:00
db:	JVNDB	id:	JVNDB-2011-003153	date:	2011-12-01T00:00:00
db:	CNNVD	id:	CNNVD-201108-346	date:	2011-08-22T00:00:00
db:	NVD	id:	CVE-2011-1625	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-49570	date:	2011-08-18T00:00:00
db:	BID	id:	49286	date:	2011-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2011-003153	date:	2011-12-01T00:00:00
db:	CNNVD	id:	CNNVD-201108-346	date:	2011-08-19T00:00:00
db:	NVD	id:	CVE-2011-1625	date:	2011-08-18T18:55:01.443