PT-1998-1245 · Cisco · Cisco Pix Firewall

Published

1998-07-15

Updated

2017-07-11

CVE-1999-1582

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cisco PIX firewall (affected versions not specified)

Description The issue concerns the "established" command on the Cisco PIX firewall, which allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed. This functionality can lead administrators to configure less restrictive access controls than intended if they do not understand it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1582

Affected Products

Cisco Pix Firewall

PT-1998-1245 · Cisco · Cisco Pix Firewall

CVE-1999-1582

Related Identifiers

Affected Products

References · 4