Cisco IOS Multiple Vulnerabilities

medium Nessus Plugin ID 17776

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The remote Cisco device is potentially affected by multiple vulnerabilities :

- A cross-site scripting vulnerability can be exploited via unspecified vectors. (CVE-2007-5547)

- Multiple stack-based buffer overflows in Command EXEC allow local users to gain privileges via unspecified vectors. (CVE-2007-5548)

Solution

There are currently no known fixes or patches to address these issues. Refer to Cisco for patch or mitigation options.

Plugin Details

Severity: Medium

ID: 17776

File Name: cisco-20071016-multiple-vulns.nasl

Version: 1.8

Type: local

Family: CISCO

Published: 1/10/2012

Updated: 4/27/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.1

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version, Settings/PCI_DSS

Exploit Ease: No known exploits are available

Patch Publication Date: 10/10/2007

Vulnerability Publication Date: 8/16/2007

Reference Information

CVE: CVE-2007-5547, CVE-2007-5548

CWE: 119, 79