CiscoCISCO-SA-20070213-IOSIPSMultiple IOS IPS Vulnerabilities
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.068 Low
EPSS
Percentile
93.8%
The Intrusion Prevention System (IPS) feature set of Cisco IOS® contains several vulnerabilities. These include:
Fragmented IP packets may be used to evade signature inspection.
IPS signatures utilizing the regular expression feature of the ATOMIC.TCP signature engine may cause a router to crash resulting in a denial of service.
There are mitigations and workarounds for these vulnerabilities. Cisco has made free software available to address these vulnerabilities for affected customers.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070213-iosips [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070213-iosips”].
Related
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.068 Low
EPSS
Percentile
93.8%