| TC: | 12003 | |
| Description: | Cisco products are easily recognized: when they receive a TCP connection request on a certain port (1999), they reject the connection (reset) but include identification information such as "cisco" in the answer. This makes these products easy to identify. | |
| TC Impact: | Gather Info |
| Vulnerability Publication: | N.A. | |
| Advisory Copyright: | N.A. | |
| Summary: | Using an underground scanning utility, an attacker can easily identify Cisco hardware on the network. | |
| Risk: | Medium | |
| CVSS 2.0 metrics: | Access Vector: Network; Access Complexity: Low; Authentication: None; Confidentiality Impact: Partial; Integrity Impact: None; Availability Impact: None | |
| CVSS 2.0 Base Score: | 5.0 |
| Vulnerability Impact: | Gather Info |
| Host Impact: | Information can be gathered. | |
| Nature of Remediation: | Modify network configuration. |
| Step required to fix the reported vulnerability: | Solution type: Update Configuration. Filter port 1999 at the firewall to prevent outside users from obtaining this piece of information. |
| References: | BUGTRAQ: 19990118 Remote Cisco Identification, http://seclists.org/bugtraq/1999/Jan/0215.html |
| CVE Link: | CVE-1999-0453 |
| Glossary: | Firewall, Packet, Port, TCP |