Vulnerability Description
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.3t |
References
- http://osvdb.org/33053Broken Link
- http://secunia.com/advisories/24142Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.hVendor Advisory
- http://www.securityfocus.com/bid/22549Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1017631Broken LinkThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2007/0597Permissions RequiredThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32474Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
- http://osvdb.org/33053Broken Link
- http://secunia.com/advisories/24142Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.hVendor Advisory
- http://www.securityfocus.com/bid/22549Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1017631Broken LinkThird Party AdvisoryVDB Entry
FAQ
What is CVE-2007-0918?
CVE-2007-0918 is a vulnerability with a CVSS score of 7.1 (HIGH). The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash a...
How severe is CVE-2007-0918?
CVE-2007-0918 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0918?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.