CVE-2007-1257: Input Validation
First published: Sat Mar 03 2007(Updated: )
The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Network Analysis Module Software | ||
| Cisco Catalyst 7600 | =2.2\(1a\) | |
| Cisco Catalyst 6000 | =2.2\(1a\) | |
| Cisco Catalyst 7600 | =2.2\(1a\) | |
| Cisco Catalyst 6000 ws-svc-nam-2 | =2.2\(1a\) | |
| Cisco Catalyst 6000 | =2.2\(1a\) | |
| Cisco Catalyst 6500 | =3.1\(1a\) | |
| Cisco Catalyst 6500 ws-x6380-nam | =3.1\(1a\) | |
| Cisco Catalyst 6500 Wireless Services Module | =2.2\(1a\) | |
| Cisco Catalyst 7600 Series | =3.1\(1a\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
- http://www.kb.cert.org/vuls/id/472412
- http://www.securityfocus.com/bid/22751
- http://www.securitytracker.com/id?1017710
- http://secunia.com/advisories/24344
- http://osvdb.org/33066
- http://www.vupen.com/english/advisories/2007/0783
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
Frequently Asked Questions
What is the severity of CVE-2007-1257?
CVE-2007-1257 has a critical severity rating due to its potential for remote command execution.
How do I fix CVE-2007-1257?
To fix CVE-2007-1257, you should upgrade to the latest software version provided by Cisco for the affected devices.
Which Cisco devices are affected by CVE-2007-1257?
CVE-2007-1257 affects various Cisco Catalyst Series 6000, 6500, and 7600 models with the Network Analysis Module.
What type of attack does CVE-2007-1257 enable?
CVE-2007-1257 enables remote attackers to execute arbitrary commands on the affected Cisco devices via spoofed SNMP packets.
Is there a workaround for CVE-2007-1257?
As of now, the recommended approach for CVE-2007-1257 is to apply the official software updates rather than relying on workarounds.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco network analysis module software
- canonical/cisco catalyst 7600
- version/cisco catalyst 7600/2.2\(1a\)
- canonical/cisco catalyst 6000 ws-svc-nam-2
- version/cisco catalyst 6000 ws-svc-nam-2/2.2\(1a\)
- canonical/cisco catalyst 6000
- version/cisco catalyst 6000/2.2\(1a\)
- canonical/cisco catalyst 6500
- version/cisco catalyst 6500/3.1\(1a\)
- canonical/cisco catalyst 6500 ws-x6380-nam
- version/cisco catalyst 6500 ws-x6380-nam/3.1\(1a\)
- canonical/cisco catalyst 6500 wireless services module
- version/cisco catalyst 6500 wireless services module/2.2\(1a\)
- canonical/cisco catalyst 7600 series
- version/cisco catalyst 7600 series/3.1\(1a\)