2 matches found
CVE-2014-0718
Cisco IPS Software is affected by CVE-2014-0718: when the produce-verbose-alert action is enabled, the Analysis Engine can be DoS’d by specially crafted fragmented packets. Affects Cisco IPS Software 7.1 up to 7.1(8)E4 and 7.2 up to 7.2(2)E4. Root cause is improper handling of fragmented packets ...
Cisco IPS Software分析引擎拒绝服务漏洞
Bugtraq ID:65665 CVE ID:CVE-2014-0718 Cisco IPS Software是一款思科开发的入侵防御系统。 Cisco IPS Software produce-verbose-alert代码存在安全漏洞,允许未验证远程攻击者使Analysis引擎变得不稳定。 漏洞是由于在启用produce-verbose-alert动作时分析引擎不正确处理分片报文,攻击者可发送特制的分片报文使受影响系统分析引擎变得不稳定,造成拒绝服务攻击。 0 Cisco IPS Software versions 7.1 Cisco IPS Software versions 7...