Lucene search
K
CiscoIps Sensor Software

9 matches found

CVE
CVE
added 2007/05/16 1:0 a.m.71 views

CVE-2007-2688

The CVE-2007-2688 issue affects Cisco’s Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set. The vulnerability arises from improper handling of certain full-width and half-width Unicode encodings, which could allow remote attackers to evade detection of HTTP traffic. What’s af...

7.8CVSS6.7AI score0.03EPSS
CVE
CVE
added 2014/02/22 9:0 p.m.62 views

CVE-2014-0718

Cisco IPS Software is affected by CVE-2014-0718: when the produce-verbose-alert action is enabled, the Analysis Engine can be DoS’d by specially crafted fragmented packets. Affects Cisco IPS Software 7.1 up to 7.1(8)E4 and 7.2 up to 7.2(2)E4. Root cause is improper handling of fragmented packets ...

7.1CVSS6.7AI score0.01661EPSS
CVE
CVE
added 2014/02/22 9:0 p.m.54 views

CVE-2014-0720

Cisco IPS Software is affected by CVE-2014-0720, where unauthenticated remote attackers can cause a denial of service by flooding the device with jumbo frames, leading to an Analysis Engine process outage. The issue is part of multiple DoS vulnerabilities in Cisco IPS Software 7.1/7.2 prior to th...

7.1CVSS6.7AI score0.01169EPSS
CVE
CVE
added 2014/02/22 9:0 p.m.46 views

CVE-2014-0719

Cisco IPS Software contains a denial-of-service vulnerability (CVE-2014-0719) in the control-plane MainApp. The flaw arises from improper handling of malformed TCP packets sent to the management interface on port 7000, allowing remote unauthenticated attackers to cause the MainApp process outage....

7.8CVSS6.7AI score0.01614EPSS
CVE
CVE
added 2006/07/14 8:0 p.m.43 views

CVE-2006-3596

CVE-2006-3596 affects Cisco IPS 5.1(1)–5.1(p1) on various 42xx appliances, where the Intel-based gigabit NIC driver can be triggered by a crafted IP packet to cause a kernel panic and potential network outage (denial of service). The vulnerability is rooted in the device driver used by Intel-base...

5CVSS6.7AI score0.0178EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.42 views

CVE-2005-2681

Cisco Intrusion Prevention System (IPS) 5.0(1) and 5.0(2) contains an unspecified vulnerability in its command line processing (CLI) logic that could allow local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. The exact root cause is not publicly detail...

7.2CVSS7AI score0.00397EPSS
CVE
CVE
added 2006/09/21 12:0 a.m.41 views

CVE-2006-4910

The CVE affects Cisco IDS/IPS web administration interfaces. Specifically, Cisco IDS before 4.1(5c) and Cisco IPS before 5.0(6p1) and 5.1 before 5.1(2) are vulnerable to a denial-of-service via a crafted SSLv2 Client Hello that causes the mainApp web management process to become unresponsive. The...

5CVSS6.6AI score0.03511EPSS
CVE
CVE
added 2015/02/21 11:0 a.m.40 views

CVE-2015-0631

Cisco IPS CVE-2015-0631 is a race-condition vulnerability in the SSL/TLS subsystem used by the web management interface. During image upgrading, key/certificate regeneration can be disrupted by a rapid sequence of HTTPS connections to the management interface, allowing a remote attacker to cause ...

7.1CVSS6.9AI score0.01162EPSS
CVE
CVE
added 2006/09/21 12:0 a.m.39 views

CVE-2006-4911

The CVE-2006-4911 issue affects Cisco IPS, specifically versions prior to 5.0(6p2) and 5.1 prior to 5.1(2) when deployed in inline or promiscuous mode. A crafted sequence of fragmented IP packets could bypass traffic inspection, enabling attackers to pass malicious traffic without detection. Reme...

7.5CVSS6.7AI score0.04195EPSS