Executive Summary
Summary | |
---|---|
Title | Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20071205-csa | First vendor Publication | 2007-10-25 |
Vendor | Cisco | Last vendor Modification | 2007-12-05 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A buffer overflow vulnerability exists in a system driver used by the Cisco Security Agent for Microsoft Windows. This buffer overflow can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution. The vulnerability is triggered during processing of a crafted TCP segment destined to TCP port 139 or 445. These ports are used by the Microsoft Server Message Block (SMB) protocol. Cisco has released free software updates that address this vulnerability. Common Vulnerabilities and Exposures (CVE) identifier CVE-2007-5580 has been assigned to this vulnerability. |
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a008090 (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
39521 | Cisco Security Agent for Microsoft Windows Crafted SMB Packet Remote Overflow A remote overflow exists in Cisco Security Agent. The HIPS fails to properly bounds check user input to SMB resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2007-12-19 | IAVM : 2007-T-0052 - Cisco Security Agent for Windows Remote Buffer Overflow Vulnerability Severity : Category I - VMSKEY : V0015592 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-05-02 | Name : The remote Windows host has an application that is affected by a buffer overf... File : cisco_csa_buffer_overflow.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:21:52 |
|
2013-11-11 12:37:26 |
|