Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets."
{"nessus": [{"lastseen": "2021-08-19T12:52:49", "description": "The version of Cisco Security Agent installed on the remote host is affected by an unspecified denial of service (DoS) vulnerability. A remote, unauthenticated attacker can take advantage of this issue by sending specially crafted TCP packets to the remote host.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-18T00:00:00", "type": "nessus", "title": "Cisco Security Agent 5.2 DoS (cisco-sa-20100217-csa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0148"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:cisco:security_agent"], "id": "CISCO_CSA_SA20100217_LINUX_LOCAL.NASL", "href": "https://www.tenable.com/plugins/nessus/69951", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69951);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/15 20:50:20\");\n\n script_cve_id(\"CVE-2010-0148\");\n script_bugtraq_id(38273);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtb89870\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20100217-csa\");\n\n script_name(english:\"Cisco Security Agent 5.2 DoS (cisco-sa-20100217-csa)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host has an endpoint security application installed that is\npotentially affected by a denial of service (DoS) vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Cisco Security Agent installed on the remote host is\naffected by an unspecified denial of service (DoS) vulnerability. A\nremote, unauthenticated attacker can take advantage of this issue by\nsending specially crafted TCP packets to the remote host.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20100217-csa.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Cisco Security Agent 5.2.0.296 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:security_agent\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release)) release = get_kb_item(\"Host/CentOS/release\");\n\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Red Hat or CentOS\");\n\nif (\"Red Hat\" >< release)\n{\n os = \"RedHat\";\n rel = \"Red Hat\";\n}\nelse\n{\n os = \"CentOS\";\n rel = os;\n}\n\nrpms = get_kb_item(\"Host/\"+os+\"/rpm-list\");\nif (isnull(rpms)) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nmatches = egrep(pattern:\"CSAagent-([0-9\\.-]+)\",string:rpms);\nif (!matches) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cisco Security Agent\");\n\nnon_vuln = make_list();\n\nforeach match (split(matches, keep:FALSE))\n{\n fix = '';\n package = eregmatch(pattern:\"(CSAagent)-([0-9\\.-]+)\",string:match);\n\n if(!isnull(package))\n {\n my_rpm = package[0];\n ver = package[2];\n if (\"-\" >< ver) ver = ereg_replace(pattern:\"-\", replace:\".\", string:ver);\n\n # Only Cisco Security Agent release 5.2 is affected by the DoS vuln\n if (ver =~ \"^5\\.2\\.\" && ver_compare(ver:ver, fix:\"5.2.285\") < 0)\n {\n fix = \"CSAagent-5.2-296\";\n rpm_report_add(package:my_rpm, reference:\"CSAagent-5.2-296\");\n }\n else non_vuln = make_list(non_vuln,my_rpm);\n }\n}\n\nreport = rpm_report_get();\nif (!isnull(report))\n{\n if (report_verbosity > 0)\n {\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse\n{\n rpm_packages = max_index(non_vuln);\n if (rpm_packages ==1) audit(AUDIT_PACKAGE_NOT_AFFECTED, non_vuln[0]);\n else exit(0, \"None of the Cisco Security Agent packages (\" + join(non_vuln, sep:\", \") + \") are affected.\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:53:09", "description": "According to the version identified on the Management Center for Cisco Agents web interface, the version of Cisco Security Agent installed on the remote host is affected by multiple vulnerabilities :\n\n - An unspecified directory traversal vulnerability exists in the Management Center. (CVE-2010-0146)\n\n - An unspecified SQL injection vulnerability exists in the Management Center. (CVE-2010-0147)\n\n - An unspecified denial of service (DoS) vulnerability exists in Cisco Security Agent release 5.2. Note that Windows and Sun Solaris versions are not affected by this issue. (CVE-2010-0148)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-18T00:00:00", "type": "nessus", "title": "Multiple Vulnerabilities in Cisco Security Agent (cisco-sa-20100217-csa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0146", "CVE-2010-0147", "CVE-2010-0148"], "modified": "2019-11-27T00:00:00", "cpe": ["cpe:/a:cisco:security_agent"], "id": "CISCO_CSA_MANAGEMENT_CENTER_SA20100217.NASL", "href": "https://www.tenable.com/plugins/nessus/69952", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69952);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\"CVE-2010-0146\", \"CVE-2010-0147\", \"CVE-2010-0148\");\n script_bugtraq_id(38271, 38272, 38273);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtd73275\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtd73290\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCtb89870\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20100217-csa\");\n\n script_name(english:\"Multiple Vulnerabilities in Cisco Security Agent (cisco-sa-20100217-csa)\");\n script_summary(english:\"Checks Management Center for Cisco Security Agents version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an endpoint security application installed that\nis potentially affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version identified on the Management Center for Cisco\nAgents web interface, the version of Cisco Security Agent installed on\nthe remote host is affected by multiple vulnerabilities :\n\n - An unspecified directory traversal vulnerability exists\n in the Management Center. (CVE-2010-0146)\n\n - An unspecified SQL injection vulnerability exists in the\n Management Center. (CVE-2010-0147)\n\n - An unspecified denial of service (DoS) vulnerability\n exists in Cisco Security Agent release 5.2. Note that\n Windows and Sun Solaris versions are not affected by\n this issue. (CVE-2010-0148)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20100217-csa.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Cisco Security Agent 5.1.0.117 / 5.2.0.296 / 6.0.1.132 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-0146\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 89);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:security_agent\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_csa_management_center_detect.nasl\");\n script_require_keys(\"www/cisco_security_agent\");\n script_require_ports(\"Services/www\", 443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:443);\nappname = 'Cisco Security Agent';\n\ninstall = get_install_from_kb(\n appname : \"cisco_security_agent\",\n port : port,\n exit_on_fail : TRUE\n);\n\ndir = install[\"dir\"];\nversion = install[\"ver\"];\ninstall_url = build_url(qs:dir, port:port);\n\nif (version == UNKNOWN_VER)\n audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, install_url);\n\nfix = \"\";\nif (version =~ \"^5\\.1\\.\" && ver_compare(ver:version, fix:\"5.1.0.117\") < 0)\n fix = \"5.1.0.117\";\nelse if (version =~ \"^5\\.2\\.\" && ver_compare(ver:version, fix:\"5.2.0.296\") < 0)\n fix = \"5.2.0.296\";\nelse if (version =~ \"^6\\.0\\.\" && ver_compare(ver:version, fix:\"6.0.1.132\") < 0)\n fix = \"6.0.1.132\";\n\nif (fix)\n{\n set_kb_item(name:'www/'+port+'/SQLInjection', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_url, version);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:C/I:N/A:N"}}], "securityvulns": [{"lastseen": "2021-06-08T18:51:30", "bulletinFamily": "software", "cvelist": ["CVE-2010-0147", "CVE-2010-0146", "CVE-2010-0148"], "description": "Directpry traversal, SQL injection, DoS.", "edition": 2, "modified": "2010-02-22T00:00:00", "published": "2010-02-22T00:00:00", "id": "SECURITYVULNS:VULN:10638", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10638", "title": "Cisco Security Agent multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:33", "bulletinFamily": "software", "cvelist": ["CVE-2010-0147", "CVE-2010-0146", "CVE-2010-0148"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCisco Security Advisory: Multiple Vulnerabilities in Cisco Security\r\nAgent\r\n\r\nAdvisory ID: cisco-sa-20100217-csa\r\n\r\nRevision 1.0\r\n\r\nFor Public Release 2010 February 17 1600 UTC (GMT)\r\n\r\n+---------------------------------------------------------------------\r\n\r\nSummary\r\n=======\r\n\r\nThe Management Center for Cisco Security Agents is affected by a\r\ndirectory traversal vulnerability and a SQL injection vulnerability.\r\nSuccessful exploitation of the directory traversal vulnerability may\r\nallow an authenticated attacker to view and download arbitrary files\r\nfrom the server hosting the Management Center. Successful\r\nexploitation of the SQL injection vulnerability may allow an\r\nauthenticated attacker to execute SQL statements that can cause\r\ninstability of the product or changes in the configuration.\r\n\r\nAdditionally, the Cisco Security Agent is affected by a denial of\r\nservice (DoS) vulnerability. Successful exploitation of the Cisco\r\nSecurity Agent agent DoS vulnerability may cause the affected system\r\nto crash. Repeated exploitation could result in a sustained DoS\r\ncondition.\r\n\r\nThese vulnerabilities are independent of each other.\r\n\r\nCisco has released free software updates that address these\r\nvulnerabilities.\r\n\r\nThis advisory is posted at:\r\n\r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20100217-csa.shtml\r\n\r\nAffected Products\r\n=================\r\n\r\nVulnerable Products\r\n+------------------\r\n\r\nCisco Security Agent releases 5.1, 5.2 and 6.0 are affected by the\r\nSQL injection vulnerability. Only Cisco Security Agent release 6.0 is\r\naffected by the directory traversal vulnerability. Only Cisco\r\nSecurity Agent release 5.2 is affected by the DoS vulnerability.\r\n\r\nNote: Only the Management Center for Cisco Security Agents is\r\naffected by the directory traversal and SQL injection\r\nvulnerabilities. The agents installed on user end-points are not\r\naffected.\r\n\r\nOnly Cisco Security Agent release 5.2 for Windows and Linux, either\r\nmanaged or standalone, are affected by the DoS vulnerability.\r\n\r\nStandalone agents are installed in the following products:\r\n\r\n * Cisco Unified Communications Manager (CallManager)\r\n * Cisco Conference Connection (CCC)\r\n * Emergency Responder\r\n * IPCC Express\r\n * IPCC Enterprise\r\n * IPCC Hosted\r\n * IP Interactive Voice Response (IP IVR)\r\n * IP Queue Manager\r\n * Intelligent Contact Management (ICM)\r\n * Cisco Voice Portal (CVP)\r\n * Cisco Unified Meeting Place\r\n * Cisco Personal Assistant (PA)\r\n * Cisco Unity\r\n * Cisco Unity Connection\r\n * Cisco Unity Bridge\r\n * Cisco Secure ACS Solution Engine\r\n * Cisco Internet Service Node (ISN)\r\n * Cisco Security Manager (CSM)\r\n\r\nNote: The Sun Solaris version of the Cisco Security Agent is not\r\naffected by these vulnerabilities.\r\n\r\nProducts Confirmed Not Vulnerable\r\n+--------------------------------\r\n\r\nThe Sun Solaris version of Cisco Security Agent is not affected by\r\nthese vulnerabilities.\r\n\r\nNo other Cisco products are currently known to be affected by these\r\nvulnerabilities.\r\n\r\nDetails\r\n=======\r\n\r\nThe Cisco Security Agent is a security software agent that provides\r\nthreat protection for server and desktop computing systems. Cisco\r\nSecurity Agents can be standalone agents or can be managed by the\r\nCisco Security Agent Management Center.\r\n\r\nThe Management Center for Cisco Security Agents is affected by a\r\ndirectory traversal vulnerability and a SQL injection vulnerability.\r\n\r\nManagement Center for Cisco Security Agents Directory Traversal Vulnerability\r\n+----------------------------------------------------------------------------\r\n\r\nThe Management Center for Cisco Security Agents is affected by a\r\ndirectory traversal vulnerability that may allow an authenticated\r\nattacker to view and download arbitrary files from the server that is\r\nhosting the Management Center for Cisco Security Agents.\r\n\r\nThis vulnerability is documented in Cisco Bug ID CSCtd73275 and has\r\nbeen assigned the Common Vulnerabilities and Exposures (CVE) identifier\r\nCVE-2010-0146.\r\n\r\nManagement Center for Cisco Security Agents SQL Injection Vulnerability\r\n+----------------------------------------------------------------------\r\n\r\nThe Management Center for Cisco Security Agents is also affected by a\r\nSQL injection vulnerability that may allow an authenticated attacker\r\nto execute SQL statements that can cause the Management Center for\r\nCisco Security Agents to become unstable or modify its configuration.\r\nThese configuration changes may result in modifications to the\r\nsecurity policies of the endpoints. Additionally, an attacker may\r\ncreate, delete, or modify management user accounts that are found in\r\nthe Management Center for Cisco Security Agents.\r\n\r\nThis vulnerability is documented in Cisco Bug ID CSCtd73290 and has been\r\nassigned the Common Vulnerabilities and Exposures (CVE) identifier\r\nCVE-2010-0147.\r\n\r\nCisco Security Agent Denial of Service Vulnerability\r\n+---------------------------------------------------\r\n\r\nCisco Security Agent is affected by a DoS vulnerability that could\r\nallow an unauthenticated attacker to cause a system to crash by\r\nsending a series of TCP packets.\r\n\r\nNote: Only Cisco Security Agent release 5.2 is affected by the DoS\r\nvulnerability. The Sun Solaris version of the Cisco Security Agent is\r\nnot affected by these vulnerabilities.\r\n\r\nThis vulnerability is documented in Cisco Bug ID CSCtb89870 and has\r\nbeen assigned the Common Vulnerabilities and Exposures (CVE) identifier\r\nCVE-2010-0148.\r\n\r\nVulnerability Scoring Details \r\n=============================\r\n\r\nCisco has provided scores for the vulnerabilities in this advisory\r\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\r\nscoring in this Security Advisory is done in accordance with CVSS\r\nversion 2.0.\r\n\r\nCVSS is a standards-based scoring method that conveys vulnerability\r\nseverity and helps determine urgency and priority of response.\r\n\r\nCisco has provided a base and temporal score. Customers can then\r\ncompute environmental scores to assist in determining the impact of\r\nthe vulnerability in individual networks.\r\n\r\nCisco has provided an FAQ to answer additional questions regarding\r\nCVSS at:\r\n\r\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\r\n\r\nCisco has also provided a CVSS calculator to help compute the\r\nenvironmental impact for individual networks at:\r\n\r\nhttp://intellishield.cisco.com/security/alertmanager/cvss\r\n\r\nCSCtd73275 - Directory Traversal in the Management Center for Cisco Security Agents\r\n\r\nCVSS Base Score - 6.8\r\n\r\nAccess Vector - Network\r\nAccess Complexity - Low\r\nAuthentication - Single\r\nConfidentiality Impact - Complete\r\nIntegrity Impact - None\r\nAvailability Impact - None\r\n\r\nCVSS Temporal Score - 5.9\r\n\r\nExploitability - High\r\nRemediation Level - Official-Fix\r\nReport Confidence - Confirmed\r\n\r\nCSCtd73290 - Management Center for Cisco Security Agents: SQL Injection\r\n \r\nCVSS Base Score - 9\r\n\r\nAccess Vector - Network\r\nAccess Complexity - Low\r\nAuthentication - Single\r\nConfidentiality Impact - Complete\r\nIntegrity Impact - Complete\r\nAvailability Impact - Complete\r\n\r\nCVSS Temporal Score - 7.4\r\n\r\nExploitability - Functional\r\nRemediation Level - Official-Fix\r\nReport Confidence - Confirmed\r\n\r\nCSCtb89870 - Kernel Panic When Receiving Certain TCP Packets\r\n\r\nCVSS Base Score - 7.8\r\n\r\nAccess Vector - Network\r\nAccess Complexity - Low\r\nAuthentication - None\r\nConfidentiality Impact - None\r\nIntegrity Impact - None\r\nAvailability Impact - Complete\r\n\r\nCVSS Temporal Score - 6.4\r\n\r\nExploitability - Functional\r\nRemediation Level - Official-Fix\r\nReport Confidence - Confirmed\r\n\r\nImpact\r\n======\r\n\r\nSuccessful exploitation of the directory traversal vulnerability may\r\nallow an authenticated attacker to view and download arbitrary files\r\nfrom the server that is hosting the Management Center for Cisco\r\nSecurity Agents.\r\n\r\nSuccessful exploitation of the SQL injection vulnerability may allow\r\nan authenticated attacker to execute SQL statements that can cause\r\nthe Management Center for Cisco Security Agents to become unstable or\r\nmodify its configuration.\r\n\r\nSuccessful exploitation of the Cisco Security Agent DoS vulnerability\r\nmay cause the affected system to crash. Repeated exploitation could\r\nresult in a sustained DoS condition.\r\n\r\nSoftware Versions and Fixes\r\n===========================\r\n\r\nWhen considering software upgrades, also consult\r\nhttp://www.cisco.com/go/psirt and any subsequent advisories to\r\ndetermine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should exercise caution to be certain the\r\ndevices to be upgraded contain sufficient memory and that current\r\nhardware and software configurations will continue to be supported\r\nproperly by the new release. If the information is not clear, contact\r\nthe Cisco Technical Assistance Center (TAC) or your contracted\r\nmaintenance provider for assistance.\r\n\r\n+-----------------------------------------------------+\r\n| | Cisco | First | |\r\n| Vulnerability | Security | Fixed | Recommended |\r\n| | Agent | Version | Release |\r\n| | Release | | |\r\n|---------------+----------+------------+-------------|\r\n| | 5.1 | Not | Not |\r\n| | | vulnerable | vulnerable |\r\n|Directory |----------+------------+-------------|\r\n| Traversal | 5.2 | Not | Not |\r\n| Vulnerability | | vulnerable | vulnerable |\r\n| |----------+------------+-------------|\r\n| | 6.0 | 6.0.1.132 | 6.0.1.132 |\r\n|---------------+----------+------------+-------------|\r\n| | 5.1 | 5.1.0.117 | 5.1.0.117 |\r\n|SQL Injection |----------+------------+-------------|\r\n| Vulnerability | 5.2 | 5.2.0.296 | 5.2.0.296 |\r\n| |----------+------------+-------------|\r\n| | 6.0 | 6.0.1.132 | 6.0.1.132 |\r\n|---------------+----------+------------+-------------|\r\n| | 5.1 | Not | 5.1.0.117 |\r\n| | | vulnerable | |\r\n|Denial of |----------+------------+-------------|\r\n| Service | 5.2 | 5.2.0.285 | 5.2.0.296 |\r\n|Vulnerability |----------+------------+-------------|\r\n| | 6.0 | Not | 6.0.1.132 |\r\n| | | vulnerable | |\r\n+-----------------------------------------------------+\r\n\r\nCisco CSA software can be downloaded from the following link:\r\n\r\nhttp://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278065206\r\n\r\nWorkarounds\r\n===========\r\n\r\nThere are no workarounds available to mitigate these vulnerabilities.\r\n\r\nAdditional mitigations that can be deployed on Cisco devices within\r\nthe network are available in the Cisco Applied Intelligence companion\r\ndocument for this Advisory:\r\n\r\nhttp://www.cisco.com/warp/public/707/cisco-amb-20100217-csa.shtml\r\n\r\nObtaining Fixed Software\r\n========================\r\n\r\nCisco has released free software updates that address these\r\nvulnerabilities. Prior to deploying software, customers should\r\nconsult their maintenance provider or check the software for feature\r\nset compatibility and known issues specific to their environment.\r\n\r\nCustomers may only install and expect support for the feature sets\r\nthey have purchased. By installing, downloading, accessing or\r\notherwise using such software upgrades, customers agree to be bound\r\nby the terms of Cisco's software license terms found at:\r\n\r\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html\r\n\r\nor as otherwise set forth at Cisco.com Downloads at:\r\n\r\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml\r\n\r\nDo not contact psirt@cisco.com or security-alert@cisco.com for\r\nsoftware upgrades.\r\n\r\nCustomers with Service Contracts\r\n+-------------------------------\r\n\r\nCustomers with contracts should obtain upgraded software through\r\ntheir regular update channels. For most customers, this means that\r\nupgrades should be obtained through the Software Center on Cisco's\r\nworldwide website at http://www.cisco.com.\r\n\r\nCustomers using Third Party Support Organizations\r\n+------------------------------------------------\r\n\r\nCustomers whose Cisco products are provided or maintained through\r\nprior or existing agreements with third-party support organizations,\r\nsuch as Cisco Partners, authorized resellers, or service providers\r\nshould contact that support organization for guidance and assistance\r\nwith the appropriate course of action in regards to this advisory.\r\n\r\nThe effectiveness of any workaround or fix is dependent on specific\r\ncustomer situations, such as product mix, network topology, traffic\r\nbehavior, and organizational mission. Due to the variety of affected\r\nproducts and releases, customers should consult with their service\r\nprovider or support organization to ensure any applied workaround or\r\nfix is the most appropriate for use in the intended network before it\r\nis deployed.\r\n\r\nCustomers without Service Contracts\r\n+----------------------------------\r\n\r\nCustomers who purchase direct from Cisco but do not hold a Cisco\r\nservice contract, and customers who purchase through third-party\r\nvendors but are unsuccessful in obtaining fixed software through\r\ntheir point of sale should acquire upgrades by contacting the Cisco\r\nTechnical Assistance Center (TAC). TAC contacts are as follows.\r\n\r\n * +1 800 553 2447 (toll free from within North America)\r\n * +1 408 526 7209 (toll call from anywhere in the world)\r\n * e-mail: tac@cisco.com\r\n\r\nCustomers should have their product serial number available and be\r\nprepared to give the URL of this notice as evidence of entitlement to\r\na free upgrade. Free upgrades for non-contract customers must be\r\nrequested through the TAC.\r\n\r\nRefer to:\r\n\r\nhttp://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html\r\n\r\nfor additional TAC contact information, including localized telephone\r\nnumbers, and instructions and e-mail addresses for use in various\r\nlanguages.\r\n\r\nExploitation and Public Announcements\r\n=====================================\r\n\r\nThe Cisco PSIRT is not aware of any public announcements or malicious\r\nuse of the vulnerabilities described in this advisory.\r\n\r\nThe directory traversal and SQL injection vulnerabilities were\r\ndiscovered and reported to Cisco by Gabriele Giuseppini from Cigital.\r\nCisco PSIRT appreciates the opportunity to work with researchers on\r\nsecurity vulnerabilities and welcomes the opportunity to review and\r\nassist in product reports. The DoS vulnerability was found during\r\ninternal testing.\r\n\r\nStatus of this Notice: FINAL\r\n============================\r\n\r\nTHIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY\r\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\r\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\r\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\r\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\r\nDOCUMENT AT ANY TIME.\r\n\r\nA stand-alone copy or Paraphrase of the text of this document that\r\nomits the distribution URL in the following section is an\r\nuncontrolled copy, and may lack important information or contain\r\nfactual errors.\r\n\r\nDistribution\r\n============\r\n\r\nThis advisory is posted on Cisco's worldwide website at:\r\n\r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20100217-csa.shtml\r\n\r\nIn addition to worldwide web posting, a text version of this notice\r\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\r\nfollowing e-mail and Usenet news recipients.\r\n\r\n * cust-security-announce@cisco.com\r\n * first-bulletins@lists.first.org\r\n * bugtraq@securityfocus.com\r\n * vulnwatch@vulnwatch.org\r\n * cisco@spot.colorado.edu\r\n * cisco-nsp@puck.nether.net\r\n * full-disclosure@lists.grok.org.uk\r\n * comp.dcom.sys.cisco@newsgate.cisco.com\r\n\r\nFuture updates of this advisory, if any, will be placed on Cisco's\r\nworldwide website, but may or may not be actively announced on\r\nmailing lists or newsgroups. Users concerned about this problem are\r\nencouraged to check the above URL for any updates.\r\n\r\nRevision History\r\n================\r\n\r\n+----------------------------------------+\r\n| Revision | | Initial |\r\n| 1.0 | 2010-February-17 | public |\r\n| | | release. |\r\n+----------------------------------------+\r\n\r\nCisco Security Procedures\r\n=========================\r\n\r\nComplete information on reporting security vulnerabilities in Cisco\r\nproducts, obtaining assistance with security incidents, and\r\nregistering to receive security information from Cisco, is available\r\non Cisco's worldwide website at:\r\n\r\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html\r\n\r\nThis includes instructions for press inquiries regarding Cisco security\r\nnotices. All Cisco security advisories are available at:\r\n\r\nhttp://www.cisco.com/go/psirt\r\n-----BEGIN PGP SIGNATURE-----\r\n\r\niD8DBQFLew9U86n/Gc8U/uARAifvAJ9oLuXJY6iy962givBVY7701k4ktACfa3wK\r\nO9O+Q4F1alHxm6CIbUIXkUs=\r\n=+hka\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-02-22T00:00:00", "published": "2010-02-22T00:00:00", "id": "SECURITYVULNS:DOC:23272", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23272", "title": "Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cisco": [{"lastseen": "2021-08-25T18:32:27", "description": "", "cvss3": {}, "published": "2010-02-17T16:00:00", "type": "cisco", "title": "Multiple Vulnerabilities in Cisco Security Agent", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0146", "CVE-2010-0147", "CVE-2010-0148"], "modified": "2010-02-17T16:00:00", "id": "CISCO-SA-20100217-CSA", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100217-csa", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
CVE-2010-0148
