Lucene search

[email protected]CVE-2007-3701

HistoryJul 11, 2007 - 11:30 p.m.

CVE-2007-3701

2007-07-1123:30:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-3701

tippingpoint ips

network traffic

vulnerability

remote attack

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.118 Low

EPSS

Percentile

95.4%

JSON

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode ‘/’ (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.

Affected configurations

NVD

Node

tippingpointtipping_pointMatch50

tippingpointtipping_pointMatch200

tippingpointtipping_pointMatch200e

tippingpointtipping_pointMatch400

tippingpointtipping_pointMatch600e

tippingpointtipping_pointMatch1200

tippingpointtipping_pointMatch1200e

tippingpointtipping_pointMatch2400e

tippingpointtipping_pointMatch5000e

tippingpointtipping_pointMatchsms

tippingpointtipping_pointMatchx505

tippingpointtipping_pointMatchx506

tippingpointtipping_pointMatchzpha

3comtippingpoint_ips_tosMatch2.1

3comtippingpoint_ips_tosMatch2.1.4.6324

3comtippingpoint_ips_tosMatch2.2

3comtippingpoint_ips_tosMatch2.2.1

3comtippingpoint_ips_tosMatch2.2.1.6506

3comtippingpoint_ips_tosMatch2.2.2

3comtippingpoint_ips_tosMatch2.2.3

3comtippingpoint_ips_tosMatch2.2.4

3comtippingpoint_ips_tosMatch2.5

3comtippingpoint_ips_tosMatch2.5.1

CPENameOperatorVersion
tippingpoint:tipping_pointtippingpoint tipping pointeq50
tippingpoint:tipping_pointtippingpoint tipping pointeq200
tippingpoint:tipping_pointtippingpoint tipping pointeq200e
tippingpoint:tipping_pointtippingpoint tipping pointeq400
tippingpoint:tipping_pointtippingpoint tipping pointeq600e
tippingpoint:tipping_pointtippingpoint tipping pointeq1200
tippingpoint:tipping_pointtippingpoint tipping pointeq1200e
tippingpoint:tipping_pointtippingpoint tipping pointeq2400e
tippingpoint:tipping_pointtippingpoint tipping pointeq5000e
tippingpoint:tipping_pointtippingpoint tipping pointeqsms

CPE	Name	Operator	Version
tippingpoint:tipping_point	tippingpoint tipping point	eq	50
tippingpoint:tipping_point	tippingpoint tipping point	eq	200
tippingpoint:tipping_point	tippingpoint tipping point	eq	200e
tippingpoint:tipping_point	tippingpoint tipping point	eq	400
tippingpoint:tipping_point	tippingpoint tipping point	eq	600e
tippingpoint:tipping_point	tippingpoint tipping point	eq	1200
tippingpoint:tipping_point	tippingpoint tipping point	eq	1200e
tippingpoint:tipping_point	tippingpoint tipping point	eq	2400e
tippingpoint:tipping_point	tippingpoint tipping point	eq	5000e
tippingpoint:tipping_point	tippingpoint tipping point	eq	sms

Rows per page:

1-10 of 231

References

lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html

osvdb.org/35970

secunia.com/advisories/26013

security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf

www.3com.com/securityalert/alerts/3COM-07-003.html

www.securityfocus.com/archive/1/473311/100/0/threaded

www.securityfocus.com/bid/24855

www.securitytracker.com/id?1018361

www.vupen.com/english/advisories/2007/2490

exchange.xforce.ibmcloud.com/vulnerabilities/35336

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.118 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2007-3701

cvelist1 prion1 nvd1 checkpoint_advisories1