CVE-2005-0600
CVSS5.0
发布时间 :2005-02-24 00:00:00
修订时间 :2017-07-10 21:32:21
NMCO    

[原文]Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.


[CNNVD]Cisco Application and Content Networking System 特制IP数据包拒绝服务攻击(CNNVD-200502-091)

        ACNS是CISCO数字媒体交付解决方案,可优化广域网上从数据中心到分支机构的视频流量的交付质量。
        运行Application and Content Networking System (ACNS) 5.0、5.1.13.7之前的5.1或5.2.3.9之前的5.2版本的Cisco设备,可让远程攻击者通过会被不断转发的"特制IP数据包"使系统拒绝服务(带宽消耗)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:cisco:content_engine:510
cpe:/a:cisco:application_and_content_networking_software:4.1.1Cisco Application and Content Networking Software 4.1.1
cpe:/a:cisco:content_distribution_manager_4630:4.0Cisco Content Distribution Manager 4630 4.0
cpe:/a:cisco:content_distribution_manager_4630:4.1Cisco Content Distribution Manager 4630 4.1
cpe:/a:cisco:content_distribution_manager_4630Cisco Content Distribution Manager 4630
cpe:/a:cisco:content_engine:590
cpe:/a:cisco:content_engine:7320_2.2_.0
cpe:/a:cisco:application_and_content_networking_software:4.2.9Cisco Application and Content Networking Software 4.2.9
cpe:/a:cisco:application_and_content_networking_software:4.1.3Cisco Application and Content Networking Software 4.1.3
cpe:/a:cisco:content_engine_module_for_cisco_router:2600_series
cpe:/a:cisco:application_and_content_networking_software:5.0Cisco Application and Content Networking Software 5.0
cpe:/a:cisco:content_engine:560_4.0
cpe:/a:cisco:content_engine:560_4.1
cpe:/a:cisco:content_distribution_manager_4670Cisco Content Distribution Manager 4670
cpe:/a:cisco:content_delivery_manager:4630
cpe:/a:cisco:content_engine:565
cpe:/a:cisco:content_engine:7320_3.1
cpe:/a:cisco:content_engine:560
cpe:/a:cisco:content_engine:507_3.1
cpe:/o:cisco:content_router_4430:4.0
cpe:/o:cisco:content_router_4430:4.1
cpe:/a:cisco:content_engine:590_4.0
cpe:/a:cisco:application_and_content_networking_software:4.2Cisco Application and Content Networking Software 4.2
cpe:/a:cisco:content_engine:590_4.1
cpe:/h:cisco:content_router_4430Cisco Content Router 4430
cpe:/a:cisco:application_and_content_networking_software:4.0.3Cisco Application and Content Networking Software 4.0.3
cpe:/a:cisco:content_distribution_manager_4650Cisco Content Distribution Manager 4650
cpe:/h:cisco:content_router_4450Cisco Content Router 4450
cpe:/a:cisco:content_distribution_manager_4650:4.0Cisco Content Distribution Manager 4650 4.0
cpe:/a:cisco:content_engine_module_for_cisco_router:3800_series
cpe:/a:cisco:content_engine:560_2.2_.0
cpe:/a:cisco:content_engine:560_3.1
cpe:/a:cisco:content_engine:507
cpe:/a:cisco:content_distribution_manager_4650:4.1Cisco Content Distribution Manager 4650 4.1
cpe:/a:cisco:content_engine:7320_4.1
cpe:/a:cisco:content_engine:590_2.2_.0
cpe:/a:cisco:content_engine:7320_4.0
cpe:/a:cisco:content_delivery_manager:4650
cpe:/a:cisco:content_engine_module_for_cisco_router:3600_series
cpe:/a:cisco:content_engine:507_4.1
cpe:/a:cisco:application_and_content_networking_software:%28acns%29
cpe:/a:cisco:content_engine:507_4.0
cpe:/a:cisco:content_engine_module_for_cisco_router:2800_series
cpe:/a:cisco:application_and_content_networking_software:5.0.1Cisco Application and Content Networking Software 5.0.1
cpe:/a:cisco:content_engine:590_3.1
cpe:/a:cisco:application_and_content_networking_software:5.1Cisco Application and Content Networking Software 5.1
cpe:/a:cisco:application_and_content_networking_software:4.2.11Cisco Application and Content Networking Software 4.2.11
cpe:/a:cisco:content_engine:7320
cpe:/a:cisco:application_and_content_networking_software:5.0.5Cisco Application and Content Networking Software 5.0.5
cpe:/a:cisco:content_engine:507_2.2_.0
cpe:/a:cisco:content_engine:7325
cpe:/a:cisco:application_and_content_networking_software:5.0.3Cisco Application and Content Networking Software 5.0.3
cpe:/a:cisco:content_engine_module_for_cisco_router:3700_series

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0600
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0600
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200502-091
(官方数据源) CNNVD

- 其它链接及资源

http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml
(VENDOR_ADVISORY)  CISCO  20050224 ACNS Denial of Service and Default Admin Password Vulnerabilities
http://www.securityfocus.com/bid/12648
(VENDOR_ADVISORY)  BID  12648
https://exchange.xforce.ibmcloud.com/vulnerabilities/19470
(UNKNOWN)  XF  cisco-acns-dos(19470)

- 漏洞信息

Cisco Application and Content Networking System 特制IP数据包拒绝服务攻击
中危 其他
2005-02-24 00:00:00 2005-10-20 00:00:00
远程  
        ACNS是CISCO数字媒体交付解决方案,可优化广域网上从数据中心到分支机构的视频流量的交付质量。
        运行Application and Content Networking System (ACNS) 5.0、5.1.13.7之前的5.1或5.2.3.9之前的5.2版本的Cisco设备,可让远程攻击者通过会被不断转发的"特制IP数据包"使系统拒绝服务(带宽消耗)。

- 公告与补丁

        暂无数据

- 漏洞信息

14123
Cisco ACNS Malformed IP Packet Broadcast Amplification DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- 漏洞描述

Cisco ACNS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends specially crafted packet(s) which the ACNS device will continously forward copies of, and will result in loss of availability for the device and/or network.

- 时间线

2005-02-24 Unknow
2005-02-24 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco has released patches to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站