CVE-2007-0917

Severity

64%

Complexity

99%

Confidentiality

81%

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

CVSS 2.0 Base Score 6.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N).

Overview

Type

Cisco IOS

First reported 18 years ago

2007-02-14 02:28:00

Last updated 7 years ago

2017-10-11 01:31:00

Affected Software

Cisco IOS 12.3T

12.3t

Cisco IOS 12.3XQ

12.3xq

Cisco IOS 12.3XR

12.3xr

Cisco IOS 12.3XS

12.3xs

Cisco IOS 12.3XW

12.3xw

Cisco IOS 12.3XX

12.3xx

Cisco IOS 12.3XY

12.3xy

Cisco IOS 12.3YA

12.3ya

Cisco IOS 12.3YD

12.3yd

Cisco IOS 12.3YG

12.3yg

Cisco IOS 12.3YH

12.3yh

Cisco IOS 12.3YI

12.3yi

Cisco IOS 12.3YJ

12.3yj

Cisco IOS 12.3YK

12.3yk

Cisco IOS 12.3YM

12.3ym

Cisco IOS 12.3YQ

12.3yq

Cisco IOS 12.3YS

12.3ys

Cisco IOS 12.3YT

12.3yt

Cisco IOS 12.3YX

12.3yx

Cisco IOS 12.3YZ

12.3yz

Cisco IOS 12.4

12.4

Cisco IOS 12.4MR

12.4mr

Cisco IOS 12.4T

12.4t

Cisco IOS 12.4XA

12.4xa

Cisco IOS 12.4XB

12.4xb

References

33052

24142

20070213 Multiple IOS IPS Vulnerabilities

http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html

22549

1017631

ADV-2007-0597

cisco-ios-ips-security-bypass(32473)

oval:org.mitre.oval:def:5858

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.