[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-0918

Date: (C)2007-02-13   (M)2017-10-12
 
CVSS Score: 7.1Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

Reference:
SECTRACK-1017631
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml
BID-22549
SECUNIA-24142
OSVDB-33053
ADV-2007-0597
cisco-ios-ips-dos(32474)
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html

CPE    2
cpe:/o:cisco:ios:12.3t
cpe:/h:cisco:ios:12.3yi
CWE    1
CWE-20

© 2013 SecPod Technologies