cvelistv5 - cve-2009-4913

CVE-2009-4913 (GCVE-0-2009-4913)

Vulnerability from cvelistv5

Published

2010-06-29 18:00

Modified

2024-09-16 23:16

Severity ?

CWE

Summary

The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622.

References

URL

Tags

http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:24:52.625Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the \"far side of the box,\" which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-29T18:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the \"far side of the box,\" which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4913",
    "datePublished": "2010-06-29T18:00:00.000Z",
    "dateReserved": "2010-06-29T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:16:52.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-292

Vulnerability from certfr_avis

De nombreuses vulnérabilités ont été trouvées dans Cisco ASA. Elles permettent de réaliser un déni de service à distance, de contourner la politique de sécurité ou de réaliser de l'injection de code indirecte.

Description

Plusieurs vulnérabilités sont présentes dans Cisco ASA. En particulier :

deux vulnérabilités permettent à une personne malveillante d'injecter du code dans les réponses HTTP émises par le serveur et ainsi de faire exécuter du code dans le navigateur Web de la victime ;
les gestions incorrectes des protocoles IPv6 et SSL permettent à un utilisateur malveillant de contourner la politique de sécurité ;
un problème de traitement des certificats X.509 permet à un utilisateur malveillant d'épuiser la mémoire de l'équipement ;
une vulnérabilité non précisée ainsi qu'un trafic SIP important permettent à un utilisateur malveillant distant de provoquer le redémarrage de l'équipement ;
DTLS, IPsec L2L, les VPN SSL et des paquets TCP malformés sont utilisables par un attaquant pour provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco ASA versions 8.1(1) et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Notes de version Cisco ASA version 8.1(2)

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco ASA versions 8.1(1) et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans Cisco ASA. En particulier\u00a0:\n\n-   deux vuln\u00e9rabilit\u00e9s permettent \u00e0 une personne malveillante\n    d\u0027injecter du code dans les r\u00e9ponses HTTP \u00e9mises par le serveur et\n    ainsi de faire ex\u00e9cuter du code dans le navigateur Web de la\n    victime\u00a0;\n-   les gestions incorrectes des protocoles IPv6 et SSL permettent \u00e0 un\n    utilisateur malveillant de contourner la politique de s\u00e9curit\u00e9\u00a0;\n-   un probl\u00e8me de traitement des certificats X.509 permet \u00e0 un\n    utilisateur malveillant d\u0027\u00e9puiser la m\u00e9moire de l\u0027\u00e9quipement\u00a0;\n-   une vuln\u00e9rabilit\u00e9 non pr\u00e9cis\u00e9e ainsi qu\u0027un trafic SIP important\n    permettent \u00e0 un utilisateur malveillant distant de provoquer le\n    red\u00e9marrage de l\u0027\u00e9quipement\u00a0;\n-   DTLS, IPsec L2L, les VPN SSL et des paquets TCP malform\u00e9s sont\n    utilisables par un attaquant pour provoquer un d\u00e9ni de service \u00e0\n    distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4921"
    },
    {
      "name": "CVE-2009-4917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4917"
    },
    {
      "name": "CVE-2009-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4911"
    },
    {
      "name": "CVE-2009-4919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4919"
    },
    {
      "name": "CVE-2009-4912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4912"
    },
    {
      "name": "CVE-2009-4920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4920"
    },
    {
      "name": "CVE-2009-4916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4916"
    },
    {
      "name": "CVE-2009-4914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4914"
    },
    {
      "name": "CVE-2008-7257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-7257"
    },
    {
      "name": "CVE-2009-4918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4918"
    },
    {
      "name": "CVE-2009-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4923"
    },
    {
      "name": "CVE-2009-4915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4915"
    },
    {
      "name": "CVE-2009-4910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4910"
    },
    {
      "name": "CVE-2009-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4922"
    },
    {
      "name": "CVE-2009-4913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4913"
    }
  ],
  "initial_release_date": "2010-06-28T00:00:00",
  "last_revision_date": "2010-06-30T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-292",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-28T00:00:00.000000"
    },
    {
      "description": "ajout de vuln\u00e9rabilit\u00e9s et de 14 r\u00e9f\u00e9rences CVE.",
      "revision_date": "2010-06-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 trouv\u00e9es dans Cisco ASA. Elles\npermettent de r\u00e9aliser un d\u00e9ni de service \u00e0 distance, de contourner la\npolitique de s\u00e9curit\u00e9 ou de r\u00e9aliser de l\u0027injection de code indirecte.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Cisco ASA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de version Cisco ASA version 8.1(2)",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-4913 (GCVE-0-2009-4913)

Vulnerability from cvelistv5

CERTA-2010-AVI-292

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature