fkie_cve-2008-0537
Vulnerability from fkie_nvd
Published
2008-03-27 10:44
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.
References
psirt@cisco.comhttp://secunia.com/advisories/29559Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/28463
psirt@cisco.comhttp://www.securitytracker.com/id?1019716
psirt@cisco.comhttp://www.us-cert.gov/cas/techalerts/TA08-087B.htmlUS Government Resource
psirt@cisco.comhttp://www.vupen.com/english/advisories/2008/1005/references
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41466
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29559Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28463
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1019716
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-087B.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1005/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41466
Impacted products
Vendor Product Version
cisco 7600_router *
cisco catalyst_6500 *
cisco me_6524_ethernet_switch *
cisco route_switch_processor rsp720
cisco supervisor_engine sup32
cisco supervisor_engine sup720


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:me_6524_ethernet_switch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6188EAF7-F61F-44D9-8D8A-AED195D045F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:route_switch_processor:rsp720:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABC994F2-CD1D-4B42-A92F-EF01BBBD59BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:supervisor_engine:sup32:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A3D8A9-FFD2-4DAC-997A-0E118878A360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:supervisor_engine:sup720:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5ECF6D1-A7AB-4149-943E-F011038F6C40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidades no especificadas en Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), y Route Switch Processor 720 (RSP720) para m\u00faltiples productos de Cisco, cuando utilizan Multi Protocol Label Switching (MPLS) VPN y OSPF sham-link, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cola bloqueada, dispositivo reiniciado, o fuga de memoria) a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-0537",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-27T10:44:00.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29559"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/28463"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1019716"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2008/1005/references"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1005/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41466"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.