Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1582

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1582
Last Modified 05 Sep 2008 04:19:52
Published 15 Jul 1998 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1582

Summary

By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.

Vulnerable Systems

Application

  • Cisco Pix Firewall


References

CERT-VN - VU#6733

XF - cisco-pix-established-bypass(8052)

CISCO - 19980715 PIX Firewall "established" Command


Last Updated: 27 May 2016 10:35:30