Vulnerability Note VU#5053
Older Versions of Cisco PIX Firewall Manager permits retrieval of files
Overview
A vulnerability in versions of the Cisco PIX Firewall Manager (PFM) in use circa September 1998 allows intruders to retrieve files from the host running PFM.
Description
A vulnerability in the Cisco PIX Firewall Manager allows an intruder to retrieve files from the host running PFM. In typical configurations, the intruder would have to be inside the firewall. Quoting from Cisco Security Notice: Field Notice PIX Firewall Manager File Exposure:
The use of the PIX Device Manager is preferred to the use of PFM.
Impact
If prerequisites are met, attackers can retrieve any file or files on the NT host on which PFM is installed, as well as any file or files on network servers accessible through that host's file system.
Solution
Use the PIX Device Manager instead of the PIX Firewall Manager (PFM). If that is not possible, upgrade to a version of PFM later than 4.2(1), or the latest version.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Cisco | Vulnerable | - | 20 Apr 2002 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
Credit
Our thanks to Cisco for the information in their field notice.
This document was written by Shawn V Hernan.
Other Information
- CVE IDs: CVE-1999-0158
- Date Public: 31 Aug 98
- Date First Published: 03 Jan 2002
- Date Last Updated: 03 Jan 2002
- Severity Metric: 0.63
- Document Revision: 2