CVE-2007-6500
published 2007-12-20CVE-2007-6500: Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to delete "gateway information" via a request to…
PriorityP427medium4.9CVSS 2.0
AVNACMAuSCPIPAN
EXPLOIT
EPSS
4.48%
90.3th percentile
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to delete "gateway information" via a request to OpenApi/GatewayVariables.asp.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hosting_controller | hosting_controller | <= 6.1_hotfix_3.3 | — |
CVSS provenance
nvdv2.04.9MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:N
vendor_cisco10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6m5v-5jq3-8vgf: Unspecified vulnerability in Hosting Controller 6
ghsa_unreviewed·2022-05-01
CVE-2007-6500 [MEDIUM] GHSA-6m5v-5jq3-8vgf: Unspecified vulnerability in Hosting Controller 6
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to delete "gateway information" via a request to OpenApi/GatewayVariables.asp.
Cisco
Application Inspection Vulnerability in Cisco Firewall Services Module
vendor_cisco·2007-12-19·CVSS 7.8
CVE-2007-5584 [HIGH] CWE-399 Application Inspection Vulnerability in Cisco Firewall Services Module
Application Inspection Vulnerability in Cisco Firewall Services Module
A vulnerability exists in the Cisco Firewall Services Module (FWSM) - a
high-speed, integrated firewall module for Cisco Catalyst 6500 switches and
Cisco 7600 Series routers, that may result in a reload of the FWSM. The only
affected FWSM System Software Version is 3.2(3).
There are no known instances of intentional exploitation of this issue.
However, Cisco has observed data streams that appear to be unintentionally
triggering this vulnerability.
Common Vulnerabilities and Exposures (CVE) identifier CVE-2007-5584 has
been assigned to this vulnerability.
Cisco will release software updates that address this vulnerability.
A workaround that mitigates this vulnerability is available.
This advisory is posted at
https://
Cisco
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
vendor_cisco·2007-02-28·CVSS 3.3
CVE-2007-1258 [LOW] CWE-399 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected.
MPLS packets can only be sent from the local network segment.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-mpls.
Cisco
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
vendor_cisco·2007-02-28·CVSS 10.0
CVE-2007-1257 [CRITICAL] Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a
Network Analysis Module installed are vulnerable to an attack, which could
allow an attacker to gain complete control of the system. Only Cisco Catalyst
systems that have a NAM on them are affected. This vulnerability affects
systems that run Internetwork Operating System (IOS) or Catalyst Operating
System (CatOS).
Cisco has made free software available to address this vulnerability
for affected customers.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-nam.
Cisco
Application Inspection Vulnerability in Cisco Firewall Services Module
vendor_cisco
CVE-2007-5584 Application Inspection Vulnerability in Cisco Firewall Services Module
CVE-2007-5584: Application Inspection Vulnerability in Cisco Firewall Services Module
A vulnerability exists in the Cisco Firewall Services Module (FWSM) - a high-speed, integrated firewall module for Cisco Catalyst 6500 switches and Cisco 7600 Series routers, that may result in a reload of the FWSM. The only affected FWSM System Software Version is 3.2(3). There are no known instances of intentional exploitation of this issue. However, Cisco has observed data streams that appear to be unintentionally triggering this vulnerability. Common Vulnerabilities and Exposures (CVE) identifier CVE-2007-5584 has been assigned to this vulnerability. Cisco will release software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. This advisory is posted
Cisco
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
vendor_cisco
CVE-2007-1258 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
CVE-2007-1258: Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected. MPLS packets can only be sent from the local network segment. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-mpls .
CWE: CWE-399, CWE-399
Bug IDs: CSCef90002, CSCsd37415, CSCef90002
Cisco
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
vendor_cisco
CVE-2007-1257 Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
CVE-2007-1257: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are vulnerable to an attack, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). Cisco has made free software available to address this vulnerability for affected customers. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-nam .
Bug IDs: CSCsd75273, CSCse52951, CSCsd75273, CSCse52951, CSCse39848
No detection rules found.
No writeups or analysis indexed.
http://hostingcontroller.com/english/logs/Post-Hotfix-3_3-sec-Patch-ReleaseNotes.htmlhttp://osvdb.org/44185http://secunia.com/advisories/28973http://securityreason.com/securityalert/3474http://securitytracker.com/id?1019222http://www.securityfocus.com/archive/1/485028/100/0/threadedhttp://www.securityfocus.com/bid/26862https://exchange.xforce.ibmcloud.com/vulnerabilities/39038https://www.exploit-db.com/exploits/4730http://hostingcontroller.com/english/logs/Post-Hotfix-3_3-sec-Patch-ReleaseNotes.htmlhttp://osvdb.org/44185http://secunia.com/advisories/28973http://securityreason.com/securityalert/3474http://securitytracker.com/id?1019222http://www.securityfocus.com/archive/1/485028/100/0/threadedhttp://www.securityfocus.com/bid/26862https://exchange.xforce.ibmcloud.com/vulnerabilities/39038https://www.exploit-db.com/exploits/4730
2007-12-20
Published