CVE-2005-0600
CVSS5.0
发布时间 :2005-02-24 00:00:00
修订时间 :2008-09-05 16:46:46
NMCO    

[原文]Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.


[CNNVD]Cisco Application and Content Networking System 特制IP数据包拒绝服务攻击(CNNVD-200502-091)

        ACNS是CISCO数字媒体交付解决方案,可优化广域网上从数据中心到分支机构的视频流量的交付质量。
        运行Application and Content Networking System (ACNS) 5.0、5.1.13.7之前的5.1或5.2.3.9之前的5.2版本的Cisco设备,可让远程攻击者通过会被不断转发的"特制IP数据包"使系统拒绝服务(带宽消耗)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:cisco:application_and_content_networking_software:4.2.9Cisco Application and Content Networking Software 4.2.9
cpe:/a:cisco:application_and_content_networking_software:5.1Cisco Application and Content Networking Software 5.1
cpe:/a:cisco:content_engine:560_4.0
cpe:/a:cisco:content_engine:560_2.2_.0
cpe:/a:cisco:content_engine:590_2.2_.0
cpe:/a:cisco:application_and_content_networking_software:4.2.11Cisco Application and Content Networking Software 4.2.11
cpe:/a:cisco:content_distribution_manager_4630:4.0Cisco Content Distribution Manager 4630 4.0
cpe:/a:cisco:content_engine:7320_3.1
cpe:/a:cisco:application_and_content_networking_software:5.0.5Cisco Application and Content Networking Software 5.0.5
cpe:/a:cisco:content_engine:7325
cpe:/h:cisco:content_router_4450Cisco Content Router 4450
cpe:/h:cisco:content_router_4430Cisco Content Router 4430
cpe:/a:cisco:content_engine_module_for_cisco_router:3800_series
cpe:/a:cisco:content_distribution_manager_4650:4.1Cisco Content Distribution Manager 4650 4.1
cpe:/a:cisco:content_delivery_manager:4630
cpe:/a:cisco:content_engine:7320_4.0
cpe:/a:cisco:content_engine:7320_2.2_.0
cpe:/a:cisco:content_distribution_manager_4650Cisco Content Distribution Manager 4650
cpe:/a:cisco:content_distribution_manager_4630Cisco Content Distribution Manager 4630
cpe:/a:cisco:content_engine:565
cpe:/o:cisco:content_router_4430:4.0
cpe:/a:cisco:content_engine:560
cpe:/a:cisco:content_engine_module_for_cisco_router:3700_series
cpe:/a:cisco:application_and_content_networking_software:5.0Cisco Application and Content Networking Software 5.0
cpe:/o:cisco:content_router_4430:4.1
cpe:/a:cisco:content_engine:7320
cpe:/a:cisco:content_engine:7320_4.1
cpe:/a:cisco:content_engine:507
cpe:/a:cisco:content_engine_module_for_cisco_router:2800_series
cpe:/a:cisco:content_engine_module_for_cisco_router:3600_series
cpe:/a:cisco:content_engine:560_4.1
cpe:/a:cisco:content_delivery_manager:4650
cpe:/a:cisco:content_distribution_manager_4650:4.0Cisco Content Distribution Manager 4650 4.0
cpe:/a:cisco:content_engine:590
cpe:/a:cisco:content_engine_module_for_cisco_router:2600_series
cpe:/a:cisco:content_distribution_manager_4630:4.1Cisco Content Distribution Manager 4630 4.1
cpe:/a:cisco:content_engine:507_4.1
cpe:/a:cisco:application_and_content_networking_software:5.0.1Cisco Application and Content Networking Software 5.0.1
cpe:/a:cisco:content_engine:510
cpe:/a:cisco:content_engine:560_3.1
cpe:/a:cisco:application_and_content_networking_software:4.1.1Cisco Application and Content Networking Software 4.1.1
cpe:/a:cisco:content_engine:590_4.1
cpe:/a:cisco:application_and_content_networking_software:%28acns%29
cpe:/a:cisco:content_engine:507_4.0
cpe:/a:cisco:content_engine:590_3.1
cpe:/a:cisco:content_engine:590_4.0
cpe:/a:cisco:content_engine:507_2.2_.0
cpe:/a:cisco:application_and_content_networking_software:5.0.3Cisco Application and Content Networking Software 5.0.3
cpe:/a:cisco:application_and_content_networking_software:4.2Cisco Application and Content Networking Software 4.2
cpe:/a:cisco:content_distribution_manager_4670Cisco Content Distribution Manager 4670
cpe:/a:cisco:application_and_content_networking_software:4.0.3Cisco Application and Content Networking Software 4.0.3
cpe:/a:cisco:content_engine:507_3.1
cpe:/a:cisco:application_and_content_networking_software:4.1.3Cisco Application and Content Networking Software 4.1.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0600
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0600
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200502-091
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/19470
(VENDOR_ADVISORY)  XF  cisco-acns-dos(19470)
http://www.securityfocus.com/bid/12648
(VENDOR_ADVISORY)  BID  12648
http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml
(VENDOR_ADVISORY)  CISCO  20050224 ACNS Denial of Service and Default Admin Password Vulnerabilities
http://secunia.com/advisories/14395
(VENDOR_ADVISORY)  SECUNIA  14395

- 漏洞信息

Cisco Application and Content Networking System 特制IP数据包拒绝服务攻击
中危 其他
2005-02-24 00:00:00 2005-10-20 00:00:00
远程  
        ACNS是CISCO数字媒体交付解决方案,可优化广域网上从数据中心到分支机构的视频流量的交付质量。
        运行Application and Content Networking System (ACNS) 5.0、5.1.13.7之前的5.1或5.2.3.9之前的5.2版本的Cisco设备,可让远程攻击者通过会被不断转发的"特制IP数据包"使系统拒绝服务(带宽消耗)。

- 公告与补丁

        暂无数据

- 漏洞信息

14123
Cisco ACNS Malformed IP Packet Broadcast Amplification DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- 漏洞描述

Cisco ACNS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends specially crafted packet(s) which the ACNS device will continously forward copies of, and will result in loss of availability for the device and/or network.

- 时间线

2005-02-24 Unknow
2005-02-24 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco has released patches to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站