fkie_cve-2007-4430
Vulnerability from fkie_nvd
Published
2007-08-20 19:17
Modified
2024-11-21 00:35
Severity ?
Summary
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
References
cve@mitre.orghttp://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9
cve@mitre.orghttp://secunia.com/advisories/26798Vendor Advisory
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html
cve@mitre.orghttp://www.heise-security.co.uk/news/94526/
cve@mitre.orghttp://www.securityfocus.com/bid/25352
cve@mitre.orghttp://www.securitytracker.com/id?1018685
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/3136Vendor Advisory
cve@mitre.orghttps://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html
cve@mitre.orghttps://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html
af854a3a-2127-422b-91ae-364da2661108http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26798Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html
af854a3a-2127-422b-91ae-364da2661108http://www.heise-security.co.uk/news/94526/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25352
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018685
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3136Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html
af854a3a-2127-422b-91ae-364da2661108https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html
Impacted products
Vendor Product Version
cisco cli *
cisco cbos *
cisco cbos 12.1
cisco cbos 12.2
cisco ids *
cisco ios 10.0
cisco ios 10.3
cisco ios 11.0
cisco ios 11.1
cisco ios 11.2
cisco ios 12.0
cisco ios 12.1
cisco ios 12.2
cisco ios 12.3
cisco ios 12.4
cisco ios_xr *
cisco ios_xr 2.0
cisco ios_xr 3.0
cisco ios_xr 3.1
cisco ios_xr 3.2
cisco ios_xr 3.3
cisco ios_xr 3.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cli:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "687692A2-8316-4AF0-A121-87B1E3A59370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1AB2C2F-FEBB-4DCE-BD39-11AA7A9C89A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75466FDB-6AC4-4DA0-85E0-284FB7B2470A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "761965AE-DC5E-481C-A8D5-FBC51AEE93E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ids:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7BDB76F-07E0-4E56-85A8-24A59F93CAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3824A6CC-5C3A-4146-9CDD-B7B213527552",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8026B11-6144-467F-8094-F4F73CD37526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB31FAC-D720-4BF1-BFCC-0A9B714E292A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4F71CB-B8D6-44AA-B0E8-E6EC92F4273E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D69F8FA-D58A-4F53-86D8-A20C73E9B299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD331C50-DB93-4001-B56A-C1012F894CDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75538529-611A-43B5-AC4D-089C4E2E2ACC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a \"show ip bgp regexp\" command.  NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4,  permite a atacantes  dependiendo del contexto causar una denegaci\u00f3n de servicio (reinicio del dispositivo y reconstrucci\u00f3n de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando \"show ip bgp regexp\". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso an\u00f3nimo a telnet y Looking Glass."
    }
  ],
  "id": "CVE-2007-4430",
  "lastModified": "2024-11-21T00:35:34.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-20T19:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.heise-security.co.uk/news/94526/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018685"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3136"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.heise-security.co.uk/news/94526/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.