Lucene search
MitreCVE-2004-1112HistoryJan 10, 2005 - 5:00 a.m.
CVE-2004-1112
2005-01-1005:00:00
mitre
web.nvd.nist.gov
24
cisco security agent
csa
buffer overflow
remote attack
bypass
vulnerability
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.005
Percentile
75.3%
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
Affected configurations
Node
ciscosecurity_agentMatch3
ORciscosecurity_agentMatch4.0
ORciscosecurity_agentMatch4.0.1
ORciscosecurity_agentMatch4.0.2
ORciscosecurity_agentMatch4.0.3
ORokenastormwatchMatch3.x
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | security_agent | 3 | cpe:2.3:a:cisco:security_agent:3:*:*:*:*:*:*:* |
| cisco | security_agent | 4.0 | cpe:2.3:a:cisco:security_agent:4.0:*:*:*:*:*:*:* |
| cisco | security_agent | 4.0.1 | cpe:2.3:a:cisco:security_agent:4.0.1:*:*:*:*:*:*:* |
| cisco | security_agent | 4.0.2 | cpe:2.3:a:cisco:security_agent:4.0.2:*:*:*:*:*:*:* |
| cisco | security_agent | 4.0.3 | cpe:2.3:a:cisco:security_agent:4.0.3:*:*:*:*:*:*:* |
| okena | stormwatch | 3.x | cpe:2.3:a:okena:stormwatch:3.x:*:*:*:*:*:*:* |
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.005
Percentile
75.3%
Related for CVE-2004-1112