CVE-2004-1112

The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/11659	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml	Vendor Advisory
http://www.ciac.org/ciac/bulletins/p-036.shtml	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18037

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:security_agent:3:::::::*
	cpe:2.3:a:cisco:security_agent:4.0:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.3:::::::*
	cpe:2.3:a:okena:stormwatch:3.x:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.1:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.2:::::::*

Information

Published : 2005-01-09 21:00

Updated : 2017-07-10 18:30

NVD link : CVE-2004-1112

Mitre link : CVE-2004-1112

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

okena

stormwatch

cisco

security_agent

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/11659", "name": "11659", "tags": ["Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml", "name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml", "name": "P-036", "tags": ["Vendor Advisory"], "refsource": "CIAC"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037", "name": "csa-buffer-protection-bypass(18037)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-1112", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2005-01-10T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:okena:stormwatch:3.x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:30Z"}