Lucene search

[email protected]CVE-2007-2461

HistoryMay 02, 2007 - 10:19 p.m.

CVE-2007-2461

2007-05-0222:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

asa

pix

dhcp

relay agent

dos

cve-2007-2461

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.039 Low

EPSS

Percentile

92.0%

JSON

The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.

CPENameOperatorVersion
cisco:pixcisco pixeq7.2
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.2.2

CPE	Name	Operator	Version
cisco:pix	cisco pix	eq	7.2
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.2.2

References

secunia.com/advisories/25109

www.cisco.com/en/US/products/products_security_response09186a0080833172.html

www.kb.cert.org/vuls/id/530057

www.osvdb.org/35330

www.securityfocus.com/bid/23763

www.securitytracker.com/id?1017999

www.securitytracker.com/id?1018000

www.vupen.com/english/advisories/2007/1635

exchange.xforce.ibmcloud.com/vulnerabilities/34026

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.039 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2007-2461

cvelist1 cisco1 prion1 securityvulns1