Vulnerability-Lookup

CVE-2010-0569 (GCVE-0-2010-0569)

Vulnerability from cvelistv5 – Published: 2010-02-19 17:00 – Updated: 2024-08-07 00:52

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

CERTA-2010-AVI-085

Vulnerability from certfr_avis - Published: 2010-02-18 - Updated: 2010-02-18

Plusieurs vulnérabilités de Cisco ASA ont été publiées. Elles sont exploitables par un utilisateur malveillant pour provoquer un déni de service à distance ou pour contourner l'authentification.

Description

Plusieurs vulnérabilités de Cisco ASA ont été publiées :

à la réception de certains segments (PDU) TCP lors de la phase de terminaison d'une connexion TCP, la création de nouvelle connexion peut devenir impossible. Cela permet à un utilisateur malveillant de provoquer un déni de service à distance par épuisement des ressources ;
deux vulnérabilités dans le traitement des paquets SIP en transit permettent à un utilisateur malveillant de provoquer un redémarrage du boîtier Cisco ;
une vulnérabilité dans le traitement des paquets SCCP en transit permet à un utilisateur malveillant de provoquer un redémarrage du boîtier Cisco ;
une vulnérabilité dans le traitement de paquets DTLS malformés à destination du boîtier permet à un utilisateur malveillant de provoquer un redémarrage du boîtier Cisco. Le boîtier doit être configuré pour le transport DTLS et pour WebVPN ;
une vulnérabilité dans le traitement de paquets TCP malformés en transit permet à un utilisateur malveillant, dans des conditions particulières, de provoquer un redémarrage du boîtier Cisco ;
une vulnérabilité dans le traitement des messages IKE permet à un utilisateur de mettre fin à un tunnel IPsec ;
une vulnérabilité affecte les boîtiers configurés pour authentifier des utilisateurs avec le protocole NTLMv1. Elle permet de contourner l'authentification.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco ASA 5500 series.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2010-0569

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-0569

Aliases

CVE-2010-0569

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-0569",
    "description": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018.",
    "id": "GSD-2010-0569"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-0569"
      ],
      "details": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018.",
      "id": "GSD-2010-0569",
      "modified": "2023-12-13T01:21:29.025853Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2010-0569",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
          },
          {
            "name": "62435",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/62435"
          },
          {
            "name": "cisco-asa-sip-dos(56337)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
          },
          {
            "name": "38618",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38618"
          },
          {
            "name": "38281",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/38281"
          },
          {
            "name": "38636",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38636"
          },
          {
            "name": "1023612",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023612"
          },
          {
            "name": "ADV-2010-0415",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/0415"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-0569"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2010-0415",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0415"
            },
            {
              "name": "1023612",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023612"
            },
            {
              "name": "38618",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/38618"
            },
            {
              "name": "38281",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/38281"
            },
            {
              "name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
            },
            {
              "name": "38636",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/38636"
            },
            {
              "name": "62435",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/62435"
            },
            {
              "name": "cisco-asa-sip-dos(56337)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:32Z",
      "publishedDate": "2010-02-19T17:30Z"
    }
  }
}

GHSA-R29F-FRXQ-QMMP

Vulnerability from github – Published: 2022-05-02 06:13 – Updated: 2022-05-02 06:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-0569"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-02-19T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018.",
  "id": "GHSA-r29f-frxq-qmmp",
  "modified": "2022-05-02T06:13:50Z",
  "published": "2022-05-02T06:13:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0569"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/62435"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38618"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38636"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38281"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023612"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0415"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2010-0569

Vulnerability from fkie_nvd - Published: 2010-02-19 17:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://osvdb.org/62435
psirt@cisco.com	http://secunia.com/advisories/38618	Vendor Advisory
psirt@cisco.com	http://secunia.com/advisories/38636	Vendor Advisory
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/38281
psirt@cisco.com	http://www.securitytracker.com/id?1023612
psirt@cisco.com	http://www.vupen.com/english/advisories/2010/0415	Vendor Advisory
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/56337
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/62435
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38618	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38636	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38281
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023612
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0415	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56337

Impacted products

Vendor	Product	Version
cisco	asa_5500	7.1
cisco	asa_5500	7.2
cisco	asa_5500	8.0
cisco	asa_5500	8.1
cisco	asa_5500	8.2
cisco	pix_500	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0810F1FB-120C-4F4C-A9A7-6AA76227A4AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F50FA336-1365-4449-86B6-855C06E4F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBF542E-2454-4F54-93F6-8D003E06F9D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(5.2), 8.1 anterior a v8.1(2.37), y v8.2 anterior a v8.2(1.16), y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de mensajes SIP con formato incorrecto, tambi\u00e9n conocido como Bug ID CSCtc96018."
    }
  ],
  "id": "CVE-2010-0569",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-19T17:30:00.987",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/62435"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38618"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38636"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/38281"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1023612"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0415"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/62435"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201002-0175

Vulnerability from variot - Updated: 2025-04-11 22:54

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018. The problem is Bug ID : CSCtc96018 It is a problem.Unauthorized by a third party SIP Service disruption via message (DoS) There is a possibility of being put into a state. This issue is tracked by Cisco Bug ID CSCtc96018. An attacker can exploit this issue to cause a vulnerable device to crash, denying service to legitimate users.

For more information see vulnerabilities #1, #2, #3, #6, and #7 in: SA38618

SOLUTION: Affected products have reached End of Software Maintenance Releases on July 28, 2009.

1) An error when receiving certain TCP segments while a connection is being terminated can be exploited to make a device unable to accept new TCP connections.

2) Two errors in the Session Initiation Protocol (SIP) inspection feature can be exploited to trigger an appliance reload.

3) An error in the Skinny Client Control Protocol (SCCP) inspection feature can be exploited to trigger an appliance reload.

4) An error in WebVPN can be exploited to trigger an appliance reload via a specially crafted DTLS packet.

5) An error when using the "nailed" option can be exploited to reload an appliance via a specially crafted TCP segment that transits the appliance.

6) An error when parsing Internet Key Exchange (IKE) messages can be exploited to disrupt all IPsec tunnels that terminate on an affected device.

7) An error in the implementation of the NT LAN Manager version 1 (NTLMv1) protocol can be exploited to bypass authentication via a specially crafted username.

SOLUTION: Update to a fixed version. Please see the vendor's advisory for detailed patch information.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability

http://dvlabs.tippingpoint.com/advisory/TPTI-11-05

February 8, 2011

-- CVE ID: CVE-2011-0569

-- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)

-- Affected Vendors: Adobe

-- Affected Products: Adobe Shockwave Player

-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 10825. For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the code responsible for parsing font structures within Director files. While processing data within the PFR1 chunk, the process trusts a size value and compares a sign-extended counter against it within a copy loop. By providing a sufficiently large value, this flaw can be abused by a remote attacker to execute arbitrary code under the context of the user running the browser.

-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:

http://www.adobe.com/support/security/bulletins/apsb11-01.html

-- Disclosure Timeline: 2011-01-24 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory

-- Credit: This vulnerability was discovered by: * Logan Brown and Aaron Portnoy, TippingPoint DVLabs * Luigi Auriemma

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201002-0175",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2"
      },
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "pix 500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.0(8.10)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.2(4.45)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.0(5.2)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.1(2.37)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.2(1.16)"
      },
      {
        "model": "pix 500 series security appliance",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "pix 500",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.2(4.45)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.0(5.2)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.0.4"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.0.4.3"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.2"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.0(5.1)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.2"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.2(1.10)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.2(1.16)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.1(2.35)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.1(2.29)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.0"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.0"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.2(1.15)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.0(4.38)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.0(4.44)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.1"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55007.0(8.10)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.1(2.37)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:cisco:adaptive_security_appliance",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:pix_500",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2010-0569",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2010-0569",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-43174",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-0569",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-0569",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201002-203",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-43174",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018. The problem is Bug ID : CSCtc96018 It is a problem.Unauthorized by a third party SIP Service disruption via message (DoS) There is a possibility of being put into a state. This issue is tracked by Cisco Bug ID CSCtc96018. \nAn attacker can exploit this issue to cause a vulnerable device to crash, denying service to legitimate users. \n\nFor more information see vulnerabilities #1, #2, #3, #6, and #7 in:\nSA38618\n\nSOLUTION:\nAffected products have reached End of Software Maintenance Releases\non July 28, 2009. \n\n1) An error when receiving certain TCP segments while a connection is\nbeing terminated can be exploited to make a device unable to accept\nnew TCP connections. \n\n2) Two errors in the Session Initiation Protocol (SIP) inspection\nfeature can be exploited to trigger an appliance reload. \n\n3) An error in the Skinny Client Control Protocol (SCCP) inspection\nfeature can be exploited to trigger an appliance reload. \n\n4) An error in WebVPN  can be exploited to trigger an appliance\nreload via a specially crafted DTLS packet. \n\n5) An error when using the \"nailed\" option can be exploited to reload\nan appliance via a specially crafted TCP segment that transits the\nappliance. \n\n6) An error when parsing Internet Key Exchange (IKE) messages can be\nexploited to disrupt all IPsec tunnels that terminate on an affected\ndevice. \n\n7) An error in the implementation of the NT LAN Manager version 1\n(NTLMv1) protocol can be exploited to bypass authentication via a\nspecially crafted username. \n\nSOLUTION:\nUpdate to a fixed version. Please see the vendor\u0027s advisory for\ndetailed patch information. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability\n\nhttp://dvlabs.tippingpoint.com/advisory/TPTI-11-05\n\nFebruary 8, 2011\n\n-- CVE ID:\nCVE-2011-0569\n\n-- CVSS:\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\n\n-- Affected Vendors:\nAdobe\n\n-- Affected Products:\nAdobe Shockwave Player\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 10825. \nFor further product information on the TippingPoint IPS, visit:\n\n    http://www.tippingpoint.com\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to execute arbitrary code on\nvulnerable installations of the Adobe Shockwave Player. User interaction\nis required to exploit this vulnerability in that the target must visit\na malicious page or open a malicious file. \n\nThe specific flaw exists within the code responsible for parsing font\nstructures within Director files. While processing data within the PFR1\nchunk, the process trusts a size value and compares a sign-extended\ncounter against it within a copy loop. By providing a sufficiently large\nvalue, this flaw can be abused by a remote attacker to execute arbitrary\ncode under the context of the user running the browser. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-01.html\n\n-- Disclosure Timeline:\n2011-01-24 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * Logan Brown and Aaron Portnoy, TippingPoint DVLabs\n    * Luigi Auriemma\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "db": "PACKETSTORM",
        "id": "86632"
      },
      {
        "db": "PACKETSTORM",
        "id": "86446"
      },
      {
        "db": "PACKETSTORM",
        "id": "86631"
      },
      {
        "db": "PACKETSTORM",
        "id": "98372"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-43174",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-0569",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "38281",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "38618",
        "trust": 2.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0415",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1023612",
        "trust": 2.5
      },
      {
        "db": "OSVDB",
        "id": "62435",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "38636",
        "trust": 1.8
      },
      {
        "db": "XF",
        "id": "56337",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20100217 MULTIPLE VULNERABILITIES IN CISCO ASA 5500 SERIES ADAPTIVE SECURITY APPLIANCES",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "98372",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-43174",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "38621",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "86632",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "86446",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "86631",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "PACKETSTORM",
        "id": "86632"
      },
      {
        "db": "PACKETSTORM",
        "id": "86446"
      },
      {
        "db": "PACKETSTORM",
        "id": "86631"
      },
      {
        "db": "PACKETSTORM",
        "id": "98372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "id": "VAR-201002-0175",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      }
    ],
    "trust": 0.7368591
  },
  "last_update_date": "2025-04-11T22:54:23.394000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20100217-asa",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/38281"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1023612"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/38618"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2010/0415"
      },
      {
        "trust": 2.0,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b1910c.shtml"
      },
      {
        "trust": 1.9,
        "url": "http://osvdb.org/62435"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/38636"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56337"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0569"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/56337"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0569"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps6120/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/38618/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/blog/74"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100217-fwsm.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/38621/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/cisco/web/download/index.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/38636/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0569"
      },
      {
        "trust": 0.1,
        "url": "http://dvlabs.tippingpoint.com/advisory/tpti-11-05"
      },
      {
        "trust": 0.1,
        "url": "http://www.tippingpoint.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.adobe.com/support/security/bulletins/apsb11-01.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "PACKETSTORM",
        "id": "86632"
      },
      {
        "db": "PACKETSTORM",
        "id": "86446"
      },
      {
        "db": "PACKETSTORM",
        "id": "86631"
      },
      {
        "db": "PACKETSTORM",
        "id": "98372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "db": "BID",
        "id": "38281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "db": "PACKETSTORM",
        "id": "86632"
      },
      {
        "db": "PACKETSTORM",
        "id": "86446"
      },
      {
        "db": "PACKETSTORM",
        "id": "86631"
      },
      {
        "db": "PACKETSTORM",
        "id": "98372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-02-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "date": "2010-02-17T00:00:00",
        "db": "BID",
        "id": "38281"
      },
      {
        "date": "2010-03-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "date": "2010-02-24T08:40:16",
        "db": "PACKETSTORM",
        "id": "86632"
      },
      {
        "date": "2010-02-18T17:45:08",
        "db": "PACKETSTORM",
        "id": "86446"
      },
      {
        "date": "2010-02-24T08:40:13",
        "db": "PACKETSTORM",
        "id": "86631"
      },
      {
        "date": "2011-02-10T08:21:26",
        "db": "PACKETSTORM",
        "id": "98372"
      },
      {
        "date": "2010-02-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "date": "2010-02-19T17:30:00.987000",
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-43174"
      },
      {
        "date": "2010-02-17T00:00:00",
        "db": "BID",
        "id": "38281"
      },
      {
        "date": "2010-03-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      },
      {
        "date": "2010-02-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-0569"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "98372"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco Service disruption in products  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001135"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-203"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-0569 (GCVE-0-2010-0569)

CERTA-2010-AVI-085

Description

Solution

GSD-2010-0569

GHSA-R29F-FRXQ-QMMP

FKIE_CVE-2010-0569

VAR-201002-0175

Tags

Sightings

Nomenclature