CVE-2003-1001

CWE-3994 documents4 sources

Severity

5.0MEDIUM

EPSS

0.8%

top 26.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Catalyst 6500 Ws-svc-nam-1 Cisco Catalyst 6500 Ws-svc-nam-2 Cisco Catalyst 6500 Ws-x6380-nam +5 more

Timeline

PublishedJan 5

Latest updateApr 29

Description

Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages8 packages

▶NVDcisco/firewall_services_module1.1.2

▶NVDcisco/catalyst_6500_ws-svc-nam-12.2\(1a\), 3.1\(1a\)+1

▶NVDcisco/catalyst_6500_ws-svc-nam-22.2\(1a\), 3.1\(1a\)+1

▶NVDcisco/catalyst_6500_ws-x6380-nam2.1\(2\), 3.1\(1a\)+1

▶NVDcisco/catalyst_7600_ws-svc-nam-12.2\(1a\), 3.1\(1a\)+1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-82xq-hwgg-3q4m: Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial↗2022-04-29

▶

CVEList

CVE-2003-1001: Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial↗2003-12-17

▶

📋Vendor Advisories

Cisco

Cisco PIX Vulnerabilities↗2003-12-16

▶