ID CVE-2005-2841
Summary Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
References
Vulnerable Configurations
  • Cisco IOS 12.2ZH
    cpe:2.3:o:cisco:ios:12.2zh
  • Cisco IOS 12.2ZL
    cpe:2.3:o:cisco:ios:12.2zl
  • Cisco IOS 12.3
    cpe:2.3:o:cisco:ios:12.3
  • Cisco IOS 12.3T
    cpe:2.3:o:cisco:ios:12.3t
  • Cisco IOS 12.4
    cpe:2.3:o:cisco:ios:12.4
  • Cisco IOS 12.4T
    cpe:2.3:o:cisco:ios:12.4t
CVSS
Base: 7.5 (as of 08-09-2005 - 08:33)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Cisco IOS 12.x Firewall Authentication Proxy Buffer Overflow Vulnerability. CVE-2005-2841. Dos exploit for hardware platform
id EDB-ID:26233
last seen 2016-02-03
modified 2005-09-07
published 2005-09-07
reporter Markus
source https://www.exploit-db.com/download/26233/
title Cisco IOS 12.x Firewall Authentication Proxy Buffer Overflow Vulnerability
nessus via4
NASL family CISCO
NASL id CISCO-SA-20050907-AUTH.NASL
description The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition. Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected. Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected. Only devices running certain versions of Cisco IOS are affected. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability.
last seen 2019-02-21
modified 2018-11-15
plugin id 48988
published 2010-09-01
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=48988
title Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow
oval via4
accepted 2009-12-14T04:00:05.128-05:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
description Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
family ios
id oval:org.mitre.oval:def:5317
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS Firewall Authentication Proxy Buffer Overflow Vulnerability
version 4
refmap via4
cert-vn VU#236045
cisco 20050907 Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow
vupen ADV-2005-1669
Last major update 07-03-2011 - 21:25
Published 08-09-2005 - 06:03
Last modified 10-10-2017 - 21:30
Back to Top