Lucene search

PRIOn knowledge basePRION:CVE-2007-0918

HistoryFeb 14, 2007 - 2:28 a.m.

Design/Logic Flaw

2007-02-1402:28:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.019 Low

EPSS

Percentile

88.4%

JSON

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

CPENameOperatorVersion
ioseq12.3.0-ym
ioseq12.3.0-yq
ioseq12.3.0-xr
ioseq12.4.116
ioseq12.3.0-ya
ioseq12.3.0-xs
ioseq12.3.0-xw
ioseq12.4.0-mr
ioseq12.3.0-yj
ioseq12.3.116

Name	Operator	Version
ios	eq	12.3.0-ym
ios	eq	12.3.0-yq
ios	eq	12.3.0-xr
ios	eq	12.4.116
ios	eq	12.3.0-ya
ios	eq	12.3.0-xs
ios	eq	12.3.0-xw
ios	eq	12.4.0-mr
ios	eq	12.3.0-yj
ios	eq	12.3.116

Rows per page:

1-10 of 251

References

osvdb.org/33053

secunia.com/advisories/24142

www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml

www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html

www.securityfocus.com/bid/22549

www.securitytracker.com/id?1017631

www.vupen.com/english/advisories/2007/0597

exchange.xforce.ibmcloud.com/vulnerabilities/32474

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5832

6.9 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.019 Low

EPSS

Percentile

88.4%

JSON

Related for PRION:CVE-2007-0918