CVE-2010-0149

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability."

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/62433
http://secunia.com/advisories/38618	Vendor Advisory
http://secunia.com/advisories/38636	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Vendor Advisory
http://www.securityfocus.com/bid/38275
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56336

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:asa_5500:7.1:::::::*
	cpe:2.3:h:cisco:asa_5500:7.2:::::::*
	cpe:2.3:h:cisco:asa_5500:8.0:::::::*
	cpe:2.3:h:cisco:asa_5500:8.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.2:::::::*
	cpe:2.3:h:cisco:pix_500::::::::

History

No history.

Information

Published : 2010-02-19 17:30

Updated : 2023-12-10 11:03

NVD link : CVE-2010-0149

Mitre link : CVE-2010-0149

CVE.ORG link : CVE-2010-0149

JSON object : View

Products Affected

cisco

asa_5500
pix_500

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-0149", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-02-19T17:30:00.723", "references": [{"url": "http://osvdb.org/62433", "source": "ykramarz@cisco.com"}, {"url": "http://secunia.com/advisories/38618", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://secunia.com/advisories/38636", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/38275", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id?1023612", "source": "ykramarz@cisco.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0415", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56336", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka \"TCP Connection Exhaustion Denial of Service Vulnerability.\""}, {"lang": "es", "value": "Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.2 anterior a v7.2(4.46), v8.0 anterior a v8.0(4.38), 8.1 anterior a v8.1(2.29), y v8.2 anterior a v8.2(1.15) y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos causar una denegaci\u00f3n de servicio (prevenci\u00f3n de nuevas conexiones), mediante segmentos TCP manipulados durante la terminaci\u00f3n de la conexi\u00f3n TCP que provoca que la conexi\u00f3n permanezca en estado de CLOSEWAIT, tambien conocido como \"Vulnerabilidad de Denegaci\u00f3n de Servicio por Agotamiento de Conexiones TCP\"."}], "lastModified": "2017-08-17T01:31:53.523", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0810F1FB-120C-4F4C-A9A7-6AA76227A4AD"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F50FA336-1365-4449-86B6-855C06E4F516"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CBF542E-2454-4F54-93F6-8D003E06F9D7"}, {"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}