var-200107-0160
Vulnerability from variot
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Submitting numerous HTTP requests with modified headers, could cause Lotus Domino to consume all available system resources. Cisco VPN 3000 Series Concentrator versions prior to 2.5.2(F) have a vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200107-0160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "lotus",
"version": null
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.5.2.c"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.5.2.b"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.5.2.a"
},
{
"model": "vpn 3000 concentrator series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.5.2.d"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rit",
"version": null
},
{
"model": "vpn 3000 concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.5.2.a"
},
{
"model": "vpn 3000 concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.5.2.d"
},
{
"model": "vpn 3000 concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.5.2.c"
},
{
"model": "vpn 3000 concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.5.2.b"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.6"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.5"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.4"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.3"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.2"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino",
"scope": "ne",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "BID",
"id": "2565"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Peter Gr\u00fcndl \u003cpeter.grundl@defcom.com\u003e on April 11, 2001.",
"sources": [
{
"db": "BID",
"id": "2565"
}
],
"trust": 0.3
},
"cve": "CVE-2001-0428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0428",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-3247",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0428",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#676552",
"trust": 0.8,
"value": "10.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#601312",
"trust": 0.8,
"value": "9.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555464",
"trust": 0.8,
"value": "4.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#310816",
"trust": 0.8,
"value": "1.62"
},
{
"author": "CNNVD",
"id": "CNNVD-200107-021",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-3247",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3247"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. \nSubmitting numerous HTTP requests with modified headers, could cause Lotus Domino to consume all available system resources. Cisco VPN 3000 Series Concentrator versions prior to 2.5.2(F) have a vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0428"
},
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "BID",
"id": "2565"
},
{
"db": "VULHUB",
"id": "VHN-3247"
}
],
"trust": 4.14
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-0428",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "1786",
"trust": 1.7
},
{
"db": "BID",
"id": "2573",
"trust": 1.7
},
{
"db": "BID",
"id": "2565",
"trust": 1.1
},
{
"db": "BID",
"id": "2571",
"trust": 0.8
},
{
"db": "XF",
"id": "6349",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#676552",
"trust": 0.8
},
{
"db": "XF",
"id": "6347",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#601312",
"trust": 0.8
},
{
"db": "BID",
"id": "2599",
"trust": 0.8
},
{
"db": "XF",
"id": "6350",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#555464",
"trust": 0.8
},
{
"db": "XF",
"id": "6423",
"trust": 0.8
},
{
"db": "BID",
"id": "2636",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#310816",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20010412 VPN 3000 CONCENTRATOR IP OPTIONS VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "6360",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3247",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3247"
},
{
"db": "BID",
"id": "2565"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"id": "VAR-200107-0160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3247"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T20:29:24.085000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/advisories/3208"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2573"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/vpn3k-ipoptions-vuln-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/1786"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6360"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2571"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6349.php"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2565"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6347.php"
},
{
"trust": 0.8,
"url": "http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c?openview\u0026start=3.111\u0026count=30\u0026expand=3.126#3.126"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2599"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6350.php"
},
{
"trust": 0.8,
"url": "http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/59719a1dd92c03e385256a4d0073766b?opendocument"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2636"
},
{
"trust": 0.8,
"url": "http://www.ritlabs.com/the_bat/index.html"
},
{
"trust": 0.8,
"url": "http://www.security.nnov.ru/search/news.asp?binid=1136"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6423.php"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/6360.php"
},
{
"trust": 0.3,
"url": "http://www.lotus.com/home.nsf/welcome/domino"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3247"
},
{
"db": "BID",
"id": "2565"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3247"
},
{
"db": "BID",
"id": "2565"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-23T00:00:00",
"db": "CERT/CC",
"id": "VU#676552"
},
{
"date": "2001-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#601312"
},
{
"date": "2001-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#555464"
},
{
"date": "2001-06-01T00:00:00",
"db": "CERT/CC",
"id": "VU#310816"
},
{
"date": "2001-07-02T00:00:00",
"db": "VULHUB",
"id": "VHN-3247"
},
{
"date": "2001-04-11T00:00:00",
"db": "BID",
"id": "2565"
},
{
"date": "2001-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"date": "2001-07-02T04:00:00",
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-26T00:00:00",
"db": "CERT/CC",
"id": "VU#676552"
},
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#601312"
},
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#555464"
},
{
"date": "2001-08-30T00:00:00",
"db": "CERT/CC",
"id": "VU#310816"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-3247"
},
{
"date": "2001-04-11T00:00:00",
"db": "BID",
"id": "2565"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-021"
},
{
"date": "2018-10-30T16:26:16.373000",
"db": "NVD",
"id": "CVE-2001-0428"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lotus Domino vulnerable to DoS via crafted unicode GET request",
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-021"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…