[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cluster 07: VEN-ROUTER

To: cve-review@linus.mitre.org
Subject: Cluster 07: VEN-ROUTER
From: "Steven M. Christey" <coley@linus.mitre.org>
Date: Thu, 17 Jun 1999 15:11:16 -0400 (EDT)


This cluster has 10 vulnerabilities.


------------------------------------------
Candidate: CAN-1999-0060
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: NAI:NAI-26
Reference: XF:ascend-config-kill
Reference: ASCEND:http://www.ascend.com/2695.html

Attackers can cause a denial of service in Ascend MAX and Pipeline
routers with a malformed packet to the discard port, which is used by
the Java Configurator tool.

------------------------------------------
Candidate: CAN-1999-0157
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/nifrag.shtml

Cisco PIX firewall and CBAC IP fragmentation attack results in a
denial of service.

------------------------------------------
Candidate: CAN-1999-0158
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/pixmgrfile-pub.shtml

Cisco PIX firewall manager (PFM) on Windows NT allows attackers to
connect to port 8080 on the PFM server and retrieve any file whose
name and location is known.

------------------------------------------
Candidate: CAN-1999-0159
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/ioslogin-pub.shtml

Attackers can crash a Cisco IOS router or device, provided they can
get to an interactive prompt (such as a login).  This applies to some
IOS 9.x, 10.x, and 11.x releases.

------------------------------------------
Candidate: CAN-1999-0160
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/chapvuln-pub.shtml
Reference: XF:cisco-chap

Some classic Cisco IOS devices have a vulnerability in the PPP CHAP
authentication to establish unauthorized PPP connections.

------------------------------------------
Candidate: CAN-1999-0161
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/707/1.html
Reference: XF:cisco-acl-tacacs

In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended
IP access control list could bypass filtering.

------------------------------------------
Candidate: CAN-1999-0162
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/707/2.html

The "established" keyword in some Cisco IOS software allowed
an attacker to bypass filtering.

------------------------------------------
Candidate: CAN-1999-0293
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:http://www.cisco.com/warp/public/770/aaapair-pub.shtml

AAA authentication on Cisco systems allows attackers to execute
commands without authorization.

------------------------------------------
Candidate: CAN-1999-0430
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: ISS:Remote Denial of Service Vulnerability in Cisco Catalyst Series Ethernet Switches
Reference: CISCO:Cisco Catalyst Supervisor Remote Reload

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software
allows remote attackers to perform a denial of service by forcing the
supervisor module to reload.

------------------------------------------
Candidate: CAN-1999-0445
Proposer: 001
Assigned: 19990617
Announced: 19990617
Category: SF
Reference: CISCO:Cisco IOS(R) Software Input Access List Leakage with NAT

In Cisco routers under some versions of IOS 12.0 running NAT, some
packets may not be filtered by input access list filters.

Prev by Date: Cluster 06: VEN-others
Next by Date: Cluster 08: VEN-BSD
Prev by thread: RE: Cluster 06: VEN-others
Next by thread: Cluster 08: VEN-BSD
Index(es):
- Date
- Thread