Multiple Cisco IOS IPS security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Multiple Cisco IOS IPS security vulnerabilities
Published: 14.02.2007
Source: BUGTRAQ
SecurityVulns ID: 7235
Type: remote
Level: 5/10
Description: Protection bypass with fragmented IP packets. DoS if regular expressions are used.

Affected: CISCO : IOS 12.3
CISCO : IOS 12.4
CVE: CVE-2007-0918 (The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (traffic loss) use regular expressions via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.)
CVE-2007-0917 (The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.)

Original document CISCO, Cisco Security Advisory: Multiple IOS IPS Vulnerabilities (14.02.2007)

Discuss: Read or add your comments to this news (0 comments)

test server