CVE-2007-2461 - OpenCVE

The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Adaptive Security Appliance Software Pix

Configuration 1 [-]

OR	cpe:2.3:h:cisco:pix:7.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/25109
http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html
http://www.kb.cert.org/vuls/id/530057
http://www.osvdb.org/35330
http://www.securityfocus.com/bid/23763
http://www.securitytracker.com/id?1017999
http://www.securitytracker.com/id?1018000
http://www.vupen.com/english/advisories/2007/1635
https://exchange.xforce.ibmcloud.com/vulnerabilities/34026

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-02T22:00:00

Updated: 2024-08-07T13:42:32.298Z

Reserved: 2007-05-02T00:00:00

Link: CVE-2007-2461

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-05-02T22:19:00.000

Modified: 2023-08-11T19:02:04.560

Link: CVE-2007-2461

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-02T00:00:00", "descriptions": [{"lang": "en", "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"}, {"name": "23763", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23763"}, {"name": "1017999", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017999"}, {"name": "VU#530057", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/530057"}, {"name": "ADV-2007-1635", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1635"}, {"name": "1018000", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018000"}, {"name": "cisco-asa-dhcp-dos(34026)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"}, {"name": "35330", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/35330"}, {"name": "25109", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25109"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2461", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"}, {"name": "23763", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23763"}, {"name": "1017999", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017999"}, {"name": "VU#530057", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/530057"}, {"name": "ADV-2007-1635", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1635"}, {"name": "1018000", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018000"}, {"name": "cisco-asa-dhcp-dos(34026)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"}, {"name": "35330", "refsource": "OSVDB", "url": "http://www.osvdb.org/35330"}, {"name": "25109", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25109"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:32.298Z"}, "title": "CVE Program Container", "references": [{"name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"}, {"name": "23763", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23763"}, {"name": "1017999", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017999"}, {"name": "VU#530057", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/530057"}, {"name": "ADV-2007-1635", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1635"}, {"name": "1018000", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018000"}, {"name": "cisco-asa-dhcp-dos(34026)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"}, {"name": "35330", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/35330"}, {"name": "25109", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25109"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2461", "datePublished": "2007-05-02T22:00:00", "dateReserved": "2007-05-02T00:00:00", "dateUpdated": "2024-08-07T13:42:32.298Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used."}, {"lang": "es", "value": "El agente transmisor DHCP en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (abandono de paquetes) mediante un mensaje DHCPREQUEST o DHCPINFORM que provoca que m\u00faltiples mensajes DHCPACK sean enviados desde servidores DHCP al agente, lo cual consume la memoria reservada para un b\u00fafer local. NOTA: esta situaci\u00f3n s\u00f3lo se da cuando se usan m\u00faltiples servidores DHCP."}], "id": "CVE-2007-2461", "lastModified": "2023-08-11T19:02:04.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-02T22:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25109"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/530057"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/35330"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23763"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017999"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018000"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1635"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}