Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4430

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4430
Last Modified 18 May 2011 12:00:00
Published 20 Aug 2007 03:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4430

Summary

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.

Vulnerable Systems

Operating System

  • Cisco Cbos

  • Cisco Cbos 12.1

  • Cisco Cbos 12.2

  • Cisco Ids

  • Cisco Ios 10.0

  • Cisco Ios 10.3

  • Cisco Ios 11.0

  • Cisco Ios 11.1

  • Cisco Ios 11.2

  • Cisco Ios 12.0

  • Cisco Ios 12.1

  • Cisco Ios 12.2

  • Cisco Ios 12.3

  • Cisco Ios 12.4

  • Cisco Ios Xr

  • Cisco Ios Xr 2.0

  • Cisco Ios Xr 3.0

  • Cisco Ios Xr 3.1

  • Cisco Ios Xr 3.2

  • Cisco Ios Xr 3.3

  • Cisco Ios Xr 3.4

Application

  • Cisco Cli


References

MLIST - [cisco-nsp] 20070817 About the posting entitled

MLIST - [cisco-nsp] 20070817 Heads up:

VUPEN - ADV-2007-3136

SECTRACK - 1018685

BID - 25352

MISC - http://www.heise-security.co.uk/news/94526/

CISCO - 20070912 Cisco IOS Reload on Regular Expression Processing

SECUNIA - 26798

MISC - http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9

MLIST - [cisco-nsp] 20070817 About the posting entitled "Heads up: "sh ip bgp regexp" crashing router"

MLIST - [cisco-nsp] 20070817 Heads up: "sh ip bgp regexp" crashing router


Last Updated: 27 May 2016 10:44:56