CVE-2004-0710 (GCVE-0-2004-0710)

Vulnerability from cvelistv5 – Published: 2004-07-21 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.kb.cert.org/vuls/id/904310 third-party-advisoryx_refsource_CERT-VN
http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/10083 vdb-entryx_refsource_BID
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:27.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#904310",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/904310"
          },
          {
            "name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
          },
          {
            "name": "oval:org.mitre.oval:def:5696",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"
          },
          {
            "name": "cisco-vpnsm-ike-dos(15797)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
          },
          {
            "name": "10083",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10083"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#904310",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/904310"
        },
        {
          "name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
        },
        {
          "name": "oval:org.mitre.oval:def:5696",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"
        },
        {
          "name": "cisco-vpnsm-ike-dos(15797)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
        },
        {
          "name": "10083",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10083"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0710",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#904310",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/904310"
            },
            {
              "name": "20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
            },
            {
              "name": "oval:org.mitre.oval:def:5696",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"
            },
            {
              "name": "cisco-vpnsm-ike-dos(15797)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
            },
            {
              "name": "10083",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10083"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0710",
    "datePublished": "2004-07-21T04:00:00",
    "dateReserved": "2004-07-20T00:00:00",
    "dateUpdated": "2024-08-08T00:24:27.061Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0710\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-07-27T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.\"},{\"lang\":\"es\",\"value\":\"El M\u00f3dulo de Servicios de Seguridad VPN (VPNSM) del Cisco Catalyst 6500 Series Switch y el Cisco 7600 Series Internet Routers corriendo IOS anterioreas a 12.2(17b)SXA, anteriores a 12.2(17d)SXB, o anteriores a before 12.2(14)SY03) podr\u00eda permitir a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda y reinicio del dispositivo) mediante un paquete Internet Key Exchange (IKE) malformado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(14\\\\)sy:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD1F4148-E772-4708-8C1F-D67F969C11DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(14\\\\)za:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26835676-2738-47CB-A364-78D1964FEC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(14\\\\)za2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"209A1BE7-EEFC-476E-84E4-4EFD68DD7E81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(17a\\\\)sxa:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE7F49F3-0A0A-4270-A657-CDE987637684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2sxa:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A672BD-87AE-424D-8735-073BBE9CE164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2sxb:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95C033E3-184B-4AC1-B10D-8318FEAF73FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09458CD7-D430-4957-8506-FAB2A3E2AA65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB\"}]}]}],\"references\":[{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/904310\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/10083\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15797\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/904310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/10083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.