CVE-2007-0917 — MEDIUM (6.4)

Vulnerability Description

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

CVSS Score

6.4

MEDIUM

AV:N/AC:L/Au:N/C:P/I:P/A:N

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Ios	12.3t

References

http://osvdb.org/33052
http://secunia.com/advisories/24142
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.s
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.h
http://www.securityfocus.com/bid/22549
http://www.securitytracker.com/id?1017631
http://www.vupen.com/english/advisories/2007/0597
https://exchange.xforce.ibmcloud.com/vulnerabilities/32473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
http://osvdb.org/33052
http://secunia.com/advisories/24142
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.s
http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.h
http://www.securityfocus.com/bid/22549
http://www.securitytracker.com/id?1017631

FAQ

What is CVE-2007-0917?

CVE-2007-0917 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

How severe is CVE-2007-0917?

CVE-2007-0917 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-0917?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.