Executive Summary

Summary
Title Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software
Informations
Name cisco-sa-20070718-waas First vendor Publication 2007-06-05
Vendor Cisco Last vendor Modification 2007-07-21
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Cisco Wide Area Application Services (WAAS) software contains a denial of service (DoS) vulnerability that may cause some devices that run WAAS software (WAE appliance and NM-WAE-502 module) to stop processing all types of traffic, including data traffic and management traffic. This condition may occur if a device running WAAS software is configured for Edge Services, which utilizes Common Internet File System (CIFS) optimization and receives a flood of TCP SYN packets on port 139 or 445.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

Open Source Vulnerability Database (OSVDB)

Id Description
36120 Cisco Wide Area Application Services (WAAS) Edge Services CIFS Optimisation S...

Wide Area Application Services (WAAS) contains a flaw that may allow a remote denial of service. The issue is triggered when a flood of SYN packets is received on ports 139 or 445, and will result in loss of availability for the platform.