Vulnerability CVE-2005-3427
Published: 2005-11-01   Modified: 2012-02-12

Description:
The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Cisco IPS MC Malformed Configuration Download Vulnerability
CISCO
02.11.2005

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Cisco -> Ciscoworks management center for ips sensors 

 References:
http://www.kb.cert.org/vuls/id/154883
http://www.cisco.com/warp/public/707/cisco-sa-20051101-ipsmc.shtml
http://www.vupen.com/english/advisories/2005/2266
http://secunia.com/advisories/17397
http://xforce.iss.net/xforce/xfdb/22926
http://www.securityfocus.com/bid/15269
http://www.osvdb.org/20444
http://securitytracker.com/id?1015133
http://securityreason.com/securityalert/137
Copyright 2024, cxsecurity.com

 

Back to Top