var-200705-0566
Vulnerability from variot
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled. According to Cisco Systems information LDAP With authentication PAP (Password Authentication Protocol) There is no effect if is set to use.To a third party LDAP Authentication can be bypassed and unauthorized access to the appliance and internal resources can occur. PIX is a firewall device that provides policy enforcement, multi-vector attack protection and secure connection services for users and applications; Adaptive Security Appliance (ASA) is a modular platform that provides security and VPN services. Remote attackers may use this vulnerability to cause the device to fail to work normally or to bypass authentication. Access to the management session must be explicitly enabled in the device configuration and restricted to defined IP addresses only. This vulnerability is documented in Cisco Bug ID as CSCsh42793.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
2) An unspecified error when using VPN connections configured with password expiry can be exploited to cause a DoS.
Successful exploitation requires that the tunnel group is configured with password expiry. In order to exploit this in IPSec VPN connections, an attacker also needs to know the group name and group password.
3) A race condition within the processing of non-standard SSL sessions in the SSL VPN server of Cisco ASA appliances can be exploited to cause the device to reload.
Successful exploitation requires that clientless SSL is used.
4) An error within the DHCP relay agent when handling DHCPACK messages can be exploited to cause a DoS due to memory exhaustion by sending a large number of DHCP requests to a vulnerable device.
Successful exploitation requires that devices are configured to use the DHCP relay agent.
SOLUTION: Apply updated software versions. Please see vendor advisories for details.
PROVIDED AND/OR DISCOVERED BY: 1-3) Reported by the vendor. 4) Lisa Sittler and Grant Deffenbaugh, CERT/CC.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml
http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html http://www.cisco.com/en/US/products/products_applied_intelligence_response09186a008083316f.html
US-CERT VU#530057: http://www.kb.cert.org/vuls/id/530057
OTHER REFERENCES: US-CERT VU#210876: http://www.kb.cert.org/vuls/id/210876
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "cisco",
"version": null
},
{
"model": "pix",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance software",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.7)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.16)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.15)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.14)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.10)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(1)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.48)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2.5)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.8)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.19)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.17)"
},
{
"model": "pix/asa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.49)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:pix_asa",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-2462",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-25824",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2462",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#337508",
"trust": 0.8,
"value": "0.70"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#210876",
"trust": 0.8,
"value": "2.43"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#530057",
"trust": 0.8,
"value": "0.64"
},
{
"author": "NVD",
"id": "CVE-2007-2462",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200705-034",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-25824",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2007-2462",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25824"
},
{
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. The Cisco ASA and PIX firewalls contain an authentication bypass vulnerability. This vulnerability may allow a remote attacker to gain unauthorized access to the internal network or firewall. The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled. According to Cisco Systems information LDAP With authentication PAP (Password Authentication Protocol) There is no effect if is set to use.To a third party LDAP Authentication can be bypassed and unauthorized access to the appliance and internal resources can occur. PIX is a firewall device that provides policy enforcement, multi-vector attack protection and secure connection services for users and applications; Adaptive Security Appliance (ASA) is a modular platform that provides security and VPN services. Remote attackers may use this vulnerability to cause the device to fail to work normally or to bypass authentication. Access to the management session must be explicitly enabled in the device configuration and restricted to defined IP addresses only. This vulnerability is documented in Cisco Bug ID as CSCsh42793. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n2) An unspecified error when using VPN connections configured with\npassword expiry can be exploited to cause a DoS. \n\nSuccessful exploitation requires that the tunnel group is configured\nwith password expiry. In order to exploit this in IPSec VPN\nconnections, an attacker also needs to know the group name and group\npassword. \n\n3) A race condition within the processing of non-standard SSL\nsessions in the SSL VPN server of Cisco ASA appliances can be\nexploited to cause the device to reload. \n\nSuccessful exploitation requires that clientless SSL is used. \n\n4) An error within the DHCP relay agent when handling DHCPACK\nmessages can be exploited to cause a DoS due to memory exhaustion by\nsending a large number of DHCP requests to a vulnerable device. \n\nSuccessful exploitation requires that devices are configured to use\nthe DHCP relay agent. \n\nSOLUTION:\nApply updated software versions. Please see vendor advisories for\ndetails. \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) Reported by the vendor. \n4) Lisa Sittler and Grant Deffenbaugh, CERT/CC. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml\nhttp://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml\n\nhttp://www.cisco.com/en/US/products/products_security_response09186a0080833172.html\nhttp://www.cisco.com/en/US/products/products_applied_intelligence_response09186a008083316f.html\n\nUS-CERT VU#530057:\nhttp://www.kb.cert.org/vuls/id/530057\n\nOTHER REFERENCES:\nUS-CERT VU#210876:\nhttp://www.kb.cert.org/vuls/id/210876\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2462"
},
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "VULHUB",
"id": "VHN-25824"
},
{
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"db": "PACKETSTORM",
"id": "56436"
}
],
"trust": 4.32
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#210876",
"trust": 3.8
},
{
"db": "BID",
"id": "23768",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2007-2462",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "25109",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "35331",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1017994",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1017995",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-1636",
"trust": 1.7
},
{
"db": "XF",
"id": "34020",
"trust": 1.4
},
{
"db": "CERT/CC",
"id": "VU#337508",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#530057",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335",
"trust": 0.8
},
{
"db": "CISCO",
"id": "20070502 LDAP AND VPN VULNERABILITIES IN PIX AND ASA APPLIANCES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25824",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2007/1636",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-2462",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56436",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25824"
},
{
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"id": "VAR-200705-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25824"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:43:22.824000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20070502-asa",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/210876"
},
{
"trust": 2.6,
"url": "http://www.osvdb.org/35331"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/23768"
},
{
"trust": 2.6,
"url": "http://www.securitytracker.com/id?1017994"
},
{
"trust": 2.6,
"url": "http://www.securitytracker.com/id?1017995"
},
{
"trust": 2.4,
"url": "http://www.cisco.com/en/us/products/ps6120/index.html"
},
{
"trust": 2.4,
"url": "http://en.wikipedia.org/wiki/intrusion-prevention_system"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml"
},
{
"trust": 1.8,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080833166.shtml"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/25109"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/1636"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/34020"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2007/1636"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/25109/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/110/webvpnasa.pdf"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/netsol/ns461/networking_solutions_white_paper0900aecd80282f87.shtml"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080833166.shtml#details"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/pcgi-bin/support/bugtool/onebug.pl?bugid=cscsi16248"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/pcgi-bin/support/bugtool/onebug.pl?bugid=cscsh50277"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/ps6120/products_configuration_guide_chapter09186a0080636f31.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2462"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2462"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "/archive/1/467385"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/337508"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/530057"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6102/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_applied_intelligence_response09186a008083316f.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a0080833172.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6115/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25824"
},
{
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#337508"
},
{
"db": "CERT/CC",
"id": "VU#210876"
},
{
"db": "CERT/CC",
"id": "VU#530057"
},
{
"db": "VULHUB",
"id": "VHN-25824"
},
{
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"db": "BID",
"id": "23768"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"db": "PACKETSTORM",
"id": "56436"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#337508"
},
{
"date": "2007-05-02T00:00:00",
"db": "CERT/CC",
"id": "VU#210876"
},
{
"date": "2007-05-02T00:00:00",
"db": "CERT/CC",
"id": "VU#530057"
},
{
"date": "2007-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-25824"
},
{
"date": "2007-05-02T00:00:00",
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"date": "2007-05-02T00:00:00",
"db": "BID",
"id": "23768"
},
{
"date": "2007-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"date": "2007-05-04T05:48:13",
"db": "PACKETSTORM",
"id": "56436"
},
{
"date": "2007-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"date": "2007-05-02T22:19:00",
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-04T00:00:00",
"db": "CERT/CC",
"id": "VU#337508"
},
{
"date": "2007-06-15T00:00:00",
"db": "CERT/CC",
"id": "VU#210876"
},
{
"date": "2007-05-03T00:00:00",
"db": "CERT/CC",
"id": "VU#530057"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-25824"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2007-2462"
},
{
"date": "2016-07-06T14:39:00",
"db": "BID",
"id": "23768"
},
{
"date": "2007-05-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000335"
},
{
"date": "2007-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-034"
},
{
"date": "2024-11-21T00:30:50.973000",
"db": "NVD",
"id": "CVE-2007-2462"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASA clientless SSL VPN denial of service vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#337508"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-034"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…