Vulnerability Description
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | CLI | All versions |
| Cisco | CBOS | All versions |
| Cisco | IDS | All versions |
| Cisco | IOS | 10.0 |
| Cisco | IOS XR | All versions |
Related Weaknesses (CWE)
References
- http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infra
- http://secunia.com/advisories/26798 (Vendor Advisory)
- http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.h
- http://www.heise-security.co.uk/news/94526/
- http://www.securityfocus.com/bid/25352
- http://www.securitytracker.com/id?1018685
- http://www.vupen.com/english/advisories/2007/3136 (Vendor Advisory)
- https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html
- https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html
FAQ
What is CVE-2007-4430?
CVE-2007-4430 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions ...
How severe is CVE-2007-4430?
CVE-2007-4430 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-4430?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco CLI, Cisco CBOS, Cisco IDS, Cisco IOS, Cisco IOS XR.