CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Published: May 26, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3261
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(1j)	1.4(1j).x
cisco / cg-os	cg4	cg4.x
cisco / cg-os	cg4(1)	cg4(1).x
cisco / nx-os	5.2	5.2.x
cisco / nx-os	5.2(1)	5.2(1).x
cisco / nx-os	5.2(3)	5.2(3).x
cisco / nx-os	5.0	5.0.x
cisco / nx-os	5.0(2)	5.0(2).x
cisco / nx-os	5.0(2)n1(1)	5.0(2)n1(1).x
cisco / nx-os	5.0(2)n2(1)	5.0(2)n2(1).x
cisco / nx-os	5.0(2)n2(1a)	5.0(2)n2(1a).x
cisco / nx-os	5.0(2a)	5.0(2a).x
cisco / nx-os	5.0(3)	5.0(3).x
cisco / nx-os	5.0(3)n1(1)	5.0(3)n1(1).x
cisco / nx-os	5.0(3)n1(1a)	5.0(3)n1(1a).x
cisco / nx-os	5.0(3)n1(1b)	5.0(3)n1(1b).x
cisco / nx-os	5.0(3)n1(1c)	5.0(3)n1(1c).x
cisco / nx-os	5.0(3)n2(1)	5.0(3)n2(1).x
cisco / nx-os	5.0(3)n2(2)	5.0(3)n2(2).x
cisco / nx-os	5.0(3)n2(2a)	5.0(3)n2(2a).x
cisco / nx-os	5.0(3)n2(2b)	5.0(3)n2(2b).x
cisco / nx-os	5.0(3)u1(1a)	5.0(3)u1(1a).x
cisco / nx-os	5.0(3)u1(1b)	5.0(3)u1(1b).x
cisco / nx-os	5.0(3)u1(1d)	5.0(3)u1(1d).x
cisco / nx-os	5.0(3)u1(2)	5.0(3)u1(2).x
cisco / nx-os	5.0(3)u1(2a)	5.0(3)u1(2a).x
cisco / nx-os	5.0(3)u2(1)	5.0(3)u2(1).x
cisco / nx-os	5.0(3)u2(2)	5.0(3)u2(2).x
cisco / nx-os	5.0(3)u2(2a)	5.0(3)u2(2a).x
cisco / nx-os	5.0(3)u2(2b)	5.0(3)u2(2b).x
cisco / nx-os	5.0(3)u2(2c)	5.0(3)u2(2c).x
cisco / nx-os	5.0(3)u2(2d)	5.0(3)u2(2d).x
cisco / nx-os	5.0(3)u3(1)	5.0(3)u3(1).x
cisco / nx-os	5.0(3)u3(2)	5.0(3)u3(2).x
cisco / nx-os	5.0(3)u3(2a)	5.0(3)u3(2a).x
cisco / nx-os	5.0(3)u3(2b)	5.0(3)u3(2b).x
cisco / nx-os	5.0(3)u4(1)	5.0(3)u4(1).x
cisco / nx-os	5.0(3)u5(1)	5.0(3)u5(1).x
cisco / nx-os	5.0(3)u5(1a)	5.0(3)u5(1a).x
cisco / nx-os	5.0(3)u5(1b)	5.0(3)u5(1b).x
cisco / nx-os	5.0(3)u5(1c)	5.0(3)u5(1c).x
cisco / nx-os	5.0(3)u5(1d)	5.0(3)u5(1d).x
cisco / nx-os	5.0(3)u5(1e)	5.0(3)u5(1e).x
cisco / nx-os	5.0(5)	5.0(5).x
cisco / nx-os	5.1	5.1.x
cisco / nx-os	5.1(1)	5.1(1).x
cisco / nx-os	5.1(1a)	5.1(1a).x
cisco / nx-os	5.1(2)	5.1(2).x
cisco / nx-os	5.1(3)	5.1(3).x
cisco / nx-os	4.1.(2)	4.1.(2).x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos

Vulnerability Database

289,599

CVE-2014-3261