CVE-2009-5038 - OpenCVE

Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios

Configuration 1 [-]

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf
http://www.securityfocus.com/bid/45764
https://exchange.xforce.ibmcloud.com/vulnerabilities/64682

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-01-07T18:00:00

Updated: 2024-08-07T07:24:54.046Z

Reserved: 2011-01-07T00:00:00

Link: CVE-2009-5038

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2011-01-07T19:00:02.360

Modified: 2020-05-13T14:51:11.707

Link: CVE-2009-5038

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-12-21T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a \"corrupted magic value,\" aka Bug ID CSCso05336."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ciscoios-irctraffic-dos(64682)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64682"}, {"name": "45764", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45764"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-5038", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a \"corrupted magic value,\" aka Bug ID CSCso05336."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ciscoios-irctraffic-dos(64682)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64682"}, {"name": "45764", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45764"}, {"name": "http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:24:54.046Z"}, "title": "CVE Program Container", "references": [{"name": "ciscoios-irctraffic-dos(64682)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64682"}, {"name": "45764", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45764"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-5038", "datePublished": "2011-01-07T18:00:00", "dateReserved": "2011-01-07T00:00:00", "dateUpdated": "2024-08-07T07:24:54.046Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "671746C5-0637-43B7-AF80-A82F6FF6376C", "versionEndExcluding": "15.0\\(1\\)xa", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a \"corrupted magic value,\" aka Bug ID CSCso05336."}, {"lang": "es", "value": "Cisco IOS en versiones anteriores a la 15.0(1)XA no maneja apropiadamente el tr\u00e1fico IRC durante un periodo de tiempo espec\u00edfico despu\u00e9s de una recarga inicial, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de un intento de conexi\u00f3n a un servidor IRC determinado. Asunto relacionado con un valor m\u00e1gico corrupto. Tambi\u00e9n conocido como bug Bug ID CSCso05336."}], "id": "CVE-2009-5038", "lastModified": "2020-05-13T14:51:11.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-07T19:00:02.360", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/45764"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64682"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}