CVE-2007-0917

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/33052
http://secunia.com/advisories/24142
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html
http://www.securityfocus.com/bid/22549
http://www.securitytracker.com/id?1017631
http://www.vupen.com/english/advisories/2007/0597
https://exchange.xforce.ibmcloud.com/vulnerabilities/32473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5858

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios:12.3t:::::::*
	cpe:2.3:o:cisco:ios:12.3xq:::::::*
	cpe:2.3:o:cisco:ios:12.3xr:::::::*
	cpe:2.3:o:cisco:ios:12.3xs:::::::*
	cpe:2.3:o:cisco:ios:12.3xw:::::::*
	cpe:2.3:o:cisco:ios:12.3xx:::::::*
	cpe:2.3:o:cisco:ios:12.3xy:::::::*
	cpe:2.3:o:cisco:ios:12.3ya:::::::*
	cpe:2.3:o:cisco:ios:12.3yd:::::::*
	cpe:2.3:o:cisco:ios:12.3yg:::::::*
	cpe:2.3:o:cisco:ios:12.3yh:::::::*
	cpe:2.3:o:cisco:ios:12.3yi:::::::*
	cpe:2.3:o:cisco:ios:12.3yj:::::::*
	cpe:2.3:o:cisco:ios:12.3yk:::::::*
	cpe:2.3:o:cisco:ios:12.3ym:::::::*
	cpe:2.3:o:cisco:ios:12.3yq:::::::*
	cpe:2.3:o:cisco:ios:12.3ys:::::::*
	cpe:2.3:o:cisco:ios:12.3yt:::::::*
	cpe:2.3:o:cisco:ios:12.3yx:::::::*
	cpe:2.3:o:cisco:ios:12.3yz:::::::*
	cpe:2.3:o:cisco:ios:12.4:::::::*
	cpe:2.3:o:cisco:ios:12.4mr:::::::*
	cpe:2.3:o:cisco:ios:12.4t:::::::*
	cpe:2.3:o:cisco:ios:12.4xa:::::::*
	cpe:2.3:o:cisco:ios:12.4xb:::::::*

History

No history.

Information

Published : 2007-02-14 02:28

Updated : 2017-10-11 01:31

NVD link : CVE-2007-0917

Mitre link : CVE-2007-0917

CVE.ORG link : CVE-2007-0917

JSON object : View

Products Affected

cisco

ios

CWE

NVD-CWE-Other

{"id": "CVE-2007-0917", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-02-14T02:28:00.000", "references": [{"url": "http://osvdb.org/33052", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24142", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22549", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017631", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0597", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32473", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5858", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets."}, {"lang": "es", "value": "El Sistema de Prevenci\u00f3n de Intrusi\u00f3n (IPS) para Cisco IOS 12.4XE hasta 12.3T permite a atacantes remotos evitar firmas IPS que utilizan expresiones regulares mediante paquetes fragmentados."}], "lastModified": "2017-10-11T01:31:40.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0C3B413-76F7-413B-A51F-29834F9DE722"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xq:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86B9E611-3F06-424C-96EF-EE4997C70AB9"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xr:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0A5760A-9FFE-4941-B2BD-7DD54B1E1B37"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xs:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98FE195E-084B-4F4C-800D-850165DED48C"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xw:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E618BF54-56DC-40FC-A515-3BFB4366F823"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xx:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1976E53-85A6-494F-B8AC-847E7988850C"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3xy:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D90B78E1-3FC7-4CF6-B0BA-1D4CA0FAB57E"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3ya:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "320C5597-68BE-4899-9EBB-9B4DEE8EA7DB"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yd:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "520304A4-EB15-42A8-A402-8251A4D2076D"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yg:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA88C064-898F-4C0D-A266-D7B3509C28A2"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yh:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "139B1182-61A3-4F3D-9E29-758F27917646"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yi:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CC3706F-B00A-405E-917E-7FD5217E0501"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yj:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B46199E-0DF1-4B3F-A29E-1A2FC016F0F5"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yk:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DF4D0E3-8015-4D6F-8364-B6EEAAE67971"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3ym:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2595DCBA-E6F2-4551-A804-4DBB137F076B"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yq:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD6DF12B-2A20-4AC5-8EC5-729008D87736"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3ys:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF9D6B6-E51F-44FF-97E5-15E0C4E9C3D7"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yt:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A25C42FA-37F4-4B7F-AFCA-D7F081F58CF4"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yx:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2958873B-A0AB-4EAF-A5CF-8423739FAB07"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3yz:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1938D118-C07F-4BEC-8030-947F099BFCB8"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4mr:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7414D32-88A1-416E-A717-3F47B6D1BE74"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEAD7398-D1B2-47FB-952D-8C3162D5A363"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xa:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99235FFB-4439-40B2-ADBD-B08E5DBBCCB9"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xb:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1797E4E-E15C-4148-9B3D-4FF6D1D815AF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}