Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
BID:22751
Info
Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
| Bugtraq ID: | 22751 |
| Class: | Design Error |
| CVE: |
CVE-2007-1257 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 28 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Cisco IOS 12.2ZA Cisco IOS 12.2SY Cisco IOS 12.2SXF Cisco IOS 12.2SXE Cisco IOS 12.2SXD Cisco IOS 12.2SXB Cisco IOS 12.2SXA Cisco IOS 12.2SX Cisco IOS 12.2SGB Cisco IOS 12.2SGA Cisco IOS 12.2SG Cisco IOS 12.2S Cisco IOS 12.2IXB Cisco IOS 12.2IXA Cisco IOS 12.2EWA Cisco IOS 12.2EW Cisco IOS 12.2EU Cisco IOS 12.2 ZU Cisco IOS 12.1EX Cisco IOS 12.1E Cisco CatOS 8.5(5) Cisco CatOS 8.5(4) Cisco CatOS 8.5(3) Cisco CatOS 8.5(2) Cisco CatOS 8.5(1) Cisco CatOS 7.6(19) Cisco CatOS 7.6(18) Cisco CatOS 7.6(17) Cisco CatOS 7.6(16) Cisco CatOS 7.6(15) Cisco Catalyst 6500 Cisco Catalyst 6000 0 Cisco 7600 |
| Not Vulnerable: |
Cisco IOS 12.2(33)SRA2 Cisco IOS 12.2(31)SGA1 Cisco IOS 12.2(25)SG1 Cisco IOS 12.2(20)S Cisco IOS 12.2(18)ZU1 Cisco IOS 12.2(18)SXF5 Cisco IOS 12.2(18)SXE6a Cisco IOS 12.2(18)SXD7a Cisco IOS 12.2(18)S5 Cisco IOS 12.2(18)IXB2 Cisco IOS 12.2(14)S3 Cisco IOS 12.1(27b)E1 Cisco IOS 12.1(26)E8 Cisco IOS 12.1(13)EX Cisco IOS 12.1(12c)EX Cisco CatOS 8.5(6) Cisco CatOS 8.5(5.3) Cisco CatOS 7.6(20) Cisco CatOS 7.6(19.2) |
Discussion
Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
Multiple Cisco routers that have a NAM (Network Analysis Module) installed are prone to an SNMP communication-spoofing vulnerability.
An attacker can leverage this issue to gain complete control of the affected device.
Cisco Catalyst 6000 and 6500 as well as Cisco 7600 series devices that have a Network Analysis Module installed are affected.
Multiple Cisco routers that have a NAM (Network Analysis Module) installed are prone to an SNMP communication-spoofing vulnerability.
An attacker can leverage this issue to gain complete control of the affected device.
Cisco Catalyst 6000 and 6500 as well as Cisco 7600 series devices that have a Network Analysis Module installed are affected.
Exploit / POC
Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the referenced advisory for information on how to obtain and apply these fixes.
Solution:
The vendor has released fixes to address this issue. Please see the referenced advisory for information on how to obtain and apply these fixes.
References
Cisco Multiple Products Network Analysis Module SNMP Communication Spoofing Vulnerability
References:
References: