CVE-2010-0566 - OpenCVE

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Pix 500 Asa 5500

Configuration 1 [-]

OR	cpe:2.3:h:cisco:asa_5500:7.1:::::::*
	cpe:2.3:h:cisco:asa_5500:7.2:::::::*
	cpe:2.3:h:cisco:asa_5500:8.0:::::::*
	cpe:2.3:h:cisco:asa_5500:8.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.2:::::::*
	cpe:2.3:h:cisco:pix_500::::::::

References

Link	Resource
http://osvdb.org/62431
http://secunia.com/advisories/38618	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Vendor Advisory
http://www.securityfocus.com/bid/38278
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56340

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2010-02-19T17:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-02-10T00:00:00

Link: CVE-2010-0566

JSON object: View

NVD Information

Status : Modified

Published: 2010-02-19T17:30:00.880

Modified: 2017-08-17T01:32:01.803

Link: CVE-2010-0566

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-17T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38618", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38618"}, {"name": "cisco-asa-nat-aipssm-dos(56340)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}, {"name": "62431", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/62431"}, {"name": "1023612", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023612"}, {"name": "38278", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38278"}, {"name": "ADV-2010-0415", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0415"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2010-0566", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38618"}, {"name": "cisco-asa-nat-aipssm-dos(56340)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}, {"name": "62431", "refsource": "OSVDB", "url": "http://osvdb.org/62431"}, {"name": "1023612", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023612"}, {"name": "38278", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38278"}, {"name": "ADV-2010-0415", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0415"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2010-0566", "datePublished": "2010-02-19T17:00:00", "dateReserved": "2010-02-10T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "0810F1FB-120C-4F4C-A9A7-6AA76227A4AD", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F50FA336-1365-4449-86B6-855C06E4F516", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CBF542E-2454-4F54-93F6-8D003E06F9D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(4.44), 8.1 anterior a v8.1(2.35), y v8.2 anterior a v8.2(1.10) permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) mediante un segmento TCP incorrecto cuando se utilizan una traducci\u00f3n NAT determinada y las configuraciones de Cisco AIP-SSM, tambi\u00e9n conocido como Bug ID CSCtb37219."}], "id": "CVE-2010-0566", "lastModified": "2017-08-17T01:32:01.803", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-02-19T17:30:00.880", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/62431"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38618"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/38278"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1023612"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0415"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}