CVE-2010-2819

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/40843	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f130.shtml

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:firewall_services_module_software:3.1\(16\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.1\(17\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(13\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(14\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.1:::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(3\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0:::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0\(4\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0\(6\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.1\(5\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2:::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.1\(1\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(1\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0\(10\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.1:::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0\(8\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(2\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.1\(6\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:4.0\(7\):::::::*
	cpe:2.3:o:cisco:firewall_services_module_software:3.2\(16\):::::::*

OR	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_7600::::::::
	cpe:2.3:h:cisco:firewall_services_module::::::::

Information

Published : 2010-08-09 04:58

Updated : 2010-08-09 21:00

NVD link : CVE-2010-2819

Mitre link : CVE-2010-2819

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

cisco

catalyst_6500
catalyst_7600
firewall_services_module_software
firewall_services_module

7.8 /10