Vulnerability Description
The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Pix Firewall | All versions |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0121.html
- http://marc.info/?l=bugtraq&m=102651159507659&w=2
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0121.html
- http://marc.info/?l=bugtraq&m=102651159507659&w=2
FAQ
What is CVE-2002-0954?
CVE-2002-0954 is a vulnerability with a CVSS score of 7.5 (HIGH). The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords ...
How severe is CVE-2002-0954?
CVE-2002-0954 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0954?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Pix Firewall.