Vulnerability Name:

CVE-2003-0982 (CCN-13945)

Assigned:2003-12-10
Published:2003-12-10
Updated:2018-10-30
Summary:Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2003-0982

Source: CCN
Type: SA10409
Cisco ACNS Authentication Module Buffer Overflow Vulnerability

Source: SECUNIA
Type: UNKNOWN
10409

Source: CCN
Type: CIAC Information Bulletin O-036
CISCO Authentication Library in ACNS Vulnerability

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 47184, 2003 December 10 16:00 UTC (GMT)
Vulnerability in Authentication Library for ACNS

Source: CISCO
Type: Patch, Vendor Advisory
20031210 Vulnerability in Authentication Library for ACNS

Source: CCN
Type: US-CERT VU#352462
Cisco ACNS contains buffer overflow vulnerability in the authentication module when supplied an overly long password

Source: CERT-VN
Type: US Government Resource
VU#352462

Source: CCN
Type: OSVDB ID: 2957
Cisco ACNS Authentication Module Overflow

Source: BID
Type: Patch, Vendor Advisory
9187

Source: CCN
Type: BID-9187
Cisco ACNS Authentication Library Remote Buffer Overrun Vulnerability

Source: XF
Type: UNKNOWN
cisco-acns-password-bo(13945)

Source: XF
Type: UNKNOWN
cisco-acns-password-bo(13945)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:application_and_content_networking_software:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4670:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_2.2_.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_2.2_.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_2.2_.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_2.2_.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine_module:for_cisco_router_2600_series:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine_module:for_cisco_router_3600_series:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine_module:for_cisco_router_3700_series:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4430:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4450:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cisco:content_engine:507:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:4.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4430:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4670:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4450:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco application and content networking software 4.0.3
    cisco application and content networking software 4.1.1
    cisco application and content networking software 4.1.3
    cisco application and content networking software 4.2
    cisco application and content networking software 4.2.7
    cisco application and content networking software 4.2.9
    cisco application and content networking software 5.0
    cisco application and content networking software 5.0.1
    cisco application and content networking software 5.0.3
    cisco content distribution manager 4630 *
    cisco content distribution manager 4630 4.0
    cisco content distribution manager 4630 4.1
    cisco content distribution manager 4650 *
    cisco content distribution manager 4650 4.0
    cisco content distribution manager 4650 4.1
    cisco content distribution manager 4670 *
    cisco content engine 507
    cisco content engine 507_2.2_.0
    cisco content engine 507_3.1
    cisco content engine 507_4.0
    cisco content engine 507_4.1
    cisco content engine 560
    cisco content engine 560_2.2_.0
    cisco content engine 560_3.1
    cisco content engine 560_4.0
    cisco content engine 560_4.1
    cisco content engine 590
    cisco content engine 590_2.2_.0
    cisco content engine 590_3.1
    cisco content engine 590_4.0
    cisco content engine 590_4.1
    cisco content engine 7320
    cisco content engine 7320_2.2_.0
    cisco content engine 7320_3.1
    cisco content engine 7320_4.0
    cisco content engine 7320_4.1
    cisco content engine module for_cisco_router_2600_series
    cisco content engine module for_cisco_router_3600_series
    cisco content engine module for_cisco_router_3700_series
    cisco enterprise content delivery network software 4.0
    cisco enterprise content delivery network software 4.1
    cisco content router 4430 *
    cisco content router 4450 *
    cisco content engine 507
    cisco content engine 560
    cisco content engine 590
    cisco content engine 7320
    cisco content distribution manager 4630 *
    cisco content distribution manager 4650 *
    cisco application and content networking software 5.0
    cisco application and content networking software 4.0.3
    cisco application and content networking software 4.1.1
    cisco application and content networking software 4.1.3
    cisco application and content networking software 4.2
    cisco application and content networking software 4.2.7
    cisco application and content networking software 4.2.9
    cisco application and content networking software 5.0.1
    cisco application and content networking software 5.0.3
    cisco content distribution manager 4630 4.0
    cisco content distribution manager 4630 4.1
    cisco content distribution manager 4650 4.0
    cisco content distribution manager 4650 4.1
    cisco content router 4430 *
    cisco content distribution manager 4670 *
    cisco content engine 507_2.2.0
    cisco content engine 507_3.1
    cisco content engine 507_4.0
    cisco content engine 507_4.1
    cisco content engine 560_2.2.0
    cisco content engine 560_3.1
    cisco content engine 560_4.0
    cisco content engine 560_4.1
    cisco content engine 590_2.2.0
    cisco content engine 590_3.1
    cisco content engine 590_4.0
    cisco content engine 590_4.1
    cisco content engine 7320_2.2.0
    cisco content engine 7320_3.1
    cisco content engine 7320_4.0
    cisco content engine 7320_4.1
    cisco content router 4450 *