VAR-200208-0031

Vulnerability from variot - Updated: 2025-04-03 22:33

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. A problem has been discovered in Cisco IOS and MGX switches that could result in a denial of service and potential code execution. The overflow results from insufficient bounds checking on requested file names. A request for a file name of 700 or more bytes will result in a crash of the router and a reboot of the device. On Cisco MGX switches, the TFTP service will fail but the device will continue to function. Cisco IOS versions 12.0 and later are not prone to this issue. Cisco has announced that some MGX switches are also affected by this issue. Cisco has assigned Cisco Bug ID CSCdy03429 to this vulnerability. Cisco routers are widely used Internet routers developed by Cisco, using the Cisco IOS operating system. Note that the CVSS v2 vector recorded in the entry below (AV:N/AC:M/Au:N/C:N/I:N/A:C) scores only the availability impact, although this description also mentions configuration modification and potential code execution.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200208-0031",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.3"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1"
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82501.2.10"
      },
      {
        "model": "mgx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8830"
      },
      {
        "model": "mgx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8850"
      },
      {
        "model": "mgx pxm1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8850-1.2.11"
      },
      {
        "model": "mgx pxm1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8850-1.2.10"
      },
      {
        "model": "mgx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82301.2.11"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.0"
      },
      {
        "model": "mgx",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82501.2.11"
      },
      {
        "model": "mgx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "82301.2.10"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "5328"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "kim0 kim0@phenoelit.de",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-0813",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2002-0813",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-5204",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-0813",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200208-244",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-5204",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. A problem has been discovered in Cisco IOS and MGX switches that could result in a denial of service, and potential code execution.  This overflow results due insufficient bounds checking on requested file names.  A request for a file name of 700 or more bytes will result a crash of the router, and reboot of the device. \nOn Cisco MGX switches, the TFTP service will fail but the device will continue to function. \nCisco IOS versions 12.0 and later are not prone to this issue.  Cisco has assigned Cisco Bug ID CSCdy03429 to this vulnerability. \nCisco has announced that some MGX switches are also affected by this issue. Cisco has assigned Cisco Bug ID CSCdy03429 to this vulnerability. Cisco routers are widely used Internet routers developed by CISCO, using the Cisco IOS operating system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      },
      {
        "db": "BID",
        "id": "5328"
      },
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      }
    ],
    "trust": 1.26
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-5204",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "5328",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "854",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20020730 TFTP LONG FILENAME VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20020727 PHENOELIT ADVISORY, 0815 ++ * - CISCO_TFTP",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20020822 CISCO IOS EXPLOIT POC",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "9700",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-75479",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "21655",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-5204",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "db": "BID",
        "id": "5328"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "id": "VAR-200208-0031",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-03T22:33:14.298000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/5328"
      },
      {
        "trust": 1.7,
        "url": "http://online.securityfocus.com/archive/1/284634"
      },
      {
        "trust": 1.7,
        "url": "http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/854"
      },
      {
        "trust": 1.7,
        "url": "http://www.iss.net/security_center/static/9700.php"
      },
      {
        "trust": 1.1,
        "url": "http://marc.info/?l=bugtraq\u0026m=103002169829669\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103002169829669\u0026w=2"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml#revision"
      },
      {
        "trust": 0.3,
        "url": "http://www.phenoelit.de/stuff/cisco_tftp.txt"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "db": "BID",
        "id": "5328"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "db": "BID",
        "id": "5328"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-08-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "date": "2002-07-27T00:00:00",
        "db": "BID",
        "id": "5328"
      },
      {
        "date": "2002-07-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "date": "2002-08-12T04:00:00",
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-5204"
      },
      {
        "date": "2002-07-27T00:00:00",
        "db": "BID",
        "id": "5328"
      },
      {
        "date": "2005-05-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2002-0813"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS TFTP Service Long File Name Remote Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200208-244"
      }
    ],
    "trust": 0.6
  }
}




