fkie_cve-2010-0151
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2025-04-11 00:51
Severity ?
Summary
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.
References
psirt@cisco.comhttp://osvdb.org/62432
psirt@cisco.comhttp://secunia.com/advisories/38621Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/38274
psirt@cisco.comhttp://www.securitytracker.com/id?1023609
psirt@cisco.comhttp://www.vupen.com/english/advisories/2010/0418
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/56333
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/62432
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38621Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38274
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1023609
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0418
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56333
Impacted products
Vendor Product Version
cisco firewall_services_module 4.0
cisco firewall_services_module 4.0\(4\)
cisco firewall_services_module 4.0\(6\)
cisco 5500_series_adaptive_security_appliance *
cisco 5505_series_adaptive_security_appliance *
cisco 5510_series_adaptive_security_appliance *
cisco 5520_series_adaptive_security_appliance *
cisco 5540_series_adaptive_security_appliance *
cisco 5550_series_adaptive_security_appliance *
cisco 5580_series_adaptive_security_appliance *
cisco asa_5500 *
cisco catalyst_6500 *
cisco catalyst_7600 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26535762-EE50-4C4F-831E-A0ABFF4ADAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDB8F07-38B4-498D-9455-9414B69A0626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5113E779-7205-4761-9B5D-E6B254F48F49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5505_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE68D7A3-E7A5-4739-8808-2B5FB61F9CED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5510_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38121FAF-1F69-415A-A62D-DBEE90729F01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5520_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94FFC7A-43F7-4292-864B-56CC978375AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5540_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BC7F46C-AADA-4D82-AA3C-28563A41FCCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5550_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A592194-AF27-493F-8200-DFB8EAB6BCE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5580_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1952453-31B6-4FDD-955B-C46C065EB81B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D63186-5834-448C-98F2-0C189A11D25D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message."
    },
    {
      "lang": "es",
      "value": "El Cisco Firewall Services Module (FWSM) v4.0 anterior a v4.0(8), que se utiliza en los switches Cisco Catalyst 6500, routers Cisco 7600 y ASA 5500 Adaptive Security Appliances, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) a trav\u00e9s de mensajes malformados del Skinny Client Control Protocol (SCCP)."
    }
  ],
  "evaluatorImpact": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml\r\n\r\n\"All non-fixed 4.x versions of Cisco FWSM Software are affected by this vulnerability if SCCP inspection is enabled. SCCP inspection is enabled by default.\"",
  "id": "CVE-2010-0151",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-19T17:30:00.787",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/62432"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38621"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/38274"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1023609"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2010/0418"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/62432"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.