CVE-2004-1112

The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.ciac.org/ciac/bulletins/p-036.shtml	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml	Vendor Advisory
http://www.securityfocus.com/bid/11659	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18037

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:security_agent:3:::::::*
	cpe:2.3:a:cisco:security_agent:4.0:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.1:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.2:::::::*
	cpe:2.3:a:cisco:security_agent:4.0.3:::::::*
	cpe:2.3:a:okena:stormwatch:3.x:::::::*

History

No history.

Information

Published : 2005-01-10 05:00

Updated : 2017-07-11 01:30

NVD link : CVE-2004-1112

Mitre link : CVE-2004-1112

CVE.ORG link : CVE-2004-1112

JSON object : View

Products Affected

cisco

security_agent

okena

stormwatch

CWE

NVD-CWE-Other

{"id": "CVE-2004-1112", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2005-01-10T05:00:00.000", "references": [{"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11659", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."}], "lastModified": "2017-07-11T01:30:45.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F15A5A49-D0DF-4E65-A86E-7B71E7BF0273"}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1089218C-A480-49CF-A499-5ABDAD017B92"}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FA5B2E7-203D-4340-80C1-3CAF1A15A36C"}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "612862DD-0FEE-4FBE-8750-EFC7BA22E792"}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "845D746E-3269-4E43-836B-486331EC14EB"}, {"criteria": "cpe:2.3:a:okena:stormwatch:3.x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEBF27E6-425B-4B62-BAF4-AF46D2C38C0F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}