[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-0918

Date: (C)2007-02-13   (M)2017-10-12 


The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

CVSS Score: 7.1Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
SECTRACK-1017631
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml
BID-22549
SECUNIA-24142
OSVDB-33053
ADV-2007-0597
cisco-ios-ips-dos(32474)
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html

CPE    2
cpe:/o:cisco:ios:12.3t
cpe:/h:cisco:ios:12.3yi
CWE    1
CWE-20

© 2013 SecPod Technologies