VAR-200501-0159
Vulnerability from variot - Updated: 2025-04-03 22:26The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence.". Cisco CNS Network Registrar is a DNS/DHCP server offered by Cisco. It is available for Microsoft Windows, UNIX, and Linux platforms. These issues affect the Domain Name Service and Dynamic Host Configuration Protocol server components of the CNS Network Registrar. It is reported that an attacker may cause a crash by sending a specially crafted packet sequence to an affected server. These vulnerabilities only affect Cisco CNS Network Registrar for the Microsoft Windows platform. The first issue affects CNS Network Registrar versions 6.0 upto and including 6.1.1.3 and the second issue affects all versions including 6.1.1.3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "6.1.1.3"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "6.1.1.2"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "6.1.1.1"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "6.1.1"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.5.4"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.5.3"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.5.2"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.5"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.4"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.3"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.2"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0.1"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "cns network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.4"
}
],
"sources": [
{
"db": "BID",
"id": "11793"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1164",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-1164",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9594",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1164",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-015",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9594",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9594"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain \"unexpected packet sequence.\". Cisco CNS Network Registrar is a DNS/DHCP server offered by Cisco. It is available for Microsoft Windows, UNIX, and Linux platforms. These issues affect the Domain Name Service and Dynamic Host Configuration Protocol server components of the CNS Network Registrar. It is reported that an attacker may cause a crash by sending a specially crafted packet sequence to an affected server. \nThese vulnerabilities only affect Cisco CNS Network Registrar for the Microsoft Windows platform. The first issue affects CNS Network Registrar versions 6.0 upto and including 6.1.1.3 and the second issue affects all versions including 6.1.1.3",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1164"
},
{
"db": "BID",
"id": "11793"
},
{
"db": "VULHUB",
"id": "VHN-9594"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11793",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1164",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20041202 CISCO NETWORK REGISTRAR DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "18328",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9594",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9594"
},
{
"db": "BID",
"id": "11793"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"id": "VAR-200501-0159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9594"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:14.901000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11793"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a008036786d.shtml"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18328"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18328"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/netmgtsw/ps1982/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9594"
},
{
"db": "BID",
"id": "11793"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9594"
},
{
"db": "BID",
"id": "11793"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9594"
},
{
"date": "2004-12-02T00:00:00",
"db": "BID",
"id": "11793"
},
{
"date": "2004-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9594"
},
{
"date": "2004-12-02T00:00:00",
"db": "BID",
"id": "11793"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-015"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-1164"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco CNSNetworkRegistrar lock Remote denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-015"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…