CVE-2002-2140

4 documents4 sources

Severity

5.0MEDIUM

EPSS

2.5%

top 14.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco PIX Firewall Software

Timeline

PublishedDec 31

Latest updateApr 30

Description

Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/pix_firewall_software19 versions+18

Patches

Patch: www.ciac.org ↗Patch: www.cisco.com ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-xg23-cgcw-5j65: Buffer overflow in Cisco PIX Firewall 5↗2022-04-30

▶

CVEList

CVE-2002-2140: Buffer overflow in Cisco PIX Firewall 5↗2005-11-16

▶

💥Exploits & PoCs

Exploit-DB

Symantec Norton Personal Firewall 2002/Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block Denial of Service↗2002-10-08

▶