All the vulnerabilites related to cisco - ips_sensor_software
Vulnerability from fkie_nvd
Published
2014-02-22 21:55
Modified
2024-11-21 02:02
Severity ?
Summary
The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | 7.1\(4\)e4 | |
| cisco | ips_sensor_software | 7.1\(5\)e4 | |
| cisco | ips_sensor_software | 7.1\(6\)e4 | |
| cisco | ips_sensor_software | 7.1\(7\)e4 | |
| cisco | ips_sensor_software | 7.2\(1\)e4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(4\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "75E157D7-54D8-4241-BF6C-259048C28815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(5\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C54E40-DA16-4B3F-A36F-CDDD084D562A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(6\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "420EFB20-851C-468B-8584-08929762D2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(7\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "2D165213-7512-467F-8C29-F882DF05A017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(1\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0E024F-9E6A-4CC3-AA35-71D919FFE422",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266."
},
{
"lang": "es",
"value": "La caracter\u00edstica produce-verbose-alert en Cisco IPS Software 7.1 en versiones anteriores a 7.1(8)E4 y 7.2 en versiones anteriores a 7.2(2)E4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del proceso Analysis Engine) a trav\u00e9s de paquetes fragmentados, tambi\u00e9n conocido como Bug ID CSCui91266."
}
],
"id": "CVE-2014-0718",
"lastModified": "2024-11-21T02:02:40.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-22T21:55:09.547",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-22 21:55
Modified
2024-11-21 02:02
Severity ?
Summary
Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | * | |
| cisco | ips_sensor_software | 7.1\(2\)e4 | |
| cisco | ips_sensor_software | 7.1\(3\)e4 | |
| cisco | ips_sensor_software | 7.1\(4\)e4 | |
| cisco | ips_sensor_software | 7.1\(6\)e4 | |
| cisco | ips_sensor_software | 7.1\(7\)e4 | |
| cisco | ips_sensor_software | 7.1\(8\)e4 | |
| cisco | ips_sensor_software | 7.2\(1\)e4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7362D97-8656-4FB9-9D6C-FD6288F4913B",
"versionEndIncluding": "7.1\\(1\\)e4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(2\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA25FBCD-4CED-474A-8C75-1ABD809D1537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(3\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "B848150C-DA8E-4C23-8740-07F3DEA86CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(4\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "75E157D7-54D8-4241-BF6C-259048C28815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(6\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "420EFB20-851C-468B-8584-08929762D2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(7\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "2D165213-7512-467F-8C29-F882DF05A017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(8\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA6992B-2825-4D37-9637-F153B697767C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(1\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0E024F-9E6A-4CC3-AA35-71D919FFE422",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944."
},
{
"lang": "es",
"value": "Cisco IPS Software 7.1 en versiones anteriores a 7.1(8)E4 y 7.2 en versiones anteriores a 7.2(2)E4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del proceso Analysis Engine) a trav\u00e9s de una inundaci\u00f3n de tramas gigantes, tambi\u00e9n conocido como Bug ID CSCuh94944."
}
],
"id": "CVE-2014-0720",
"lastModified": "2024-11-21T02:02:41.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-22T21:55:09.593",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-21 00:07
Modified
2024-11-21 00:17
Severity ?
Summary
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ids_sensor_software | 4.1\(5b\) | |
| cisco | ips_sensor_software | 5.0\(6\)p1 | |
| cisco | ips_sensor_software | 5.1\(1\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ids_sensor_software:4.1\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BF16B4D-9B97-452F-9FC5-67F27C0CB3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEC4E54-69C0-4115-8F57-6B25694BA07D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EC9FE98-33D1-4072-A9AE-91E014227599",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet."
},
{
"lang": "es",
"value": "La interfaz web(mainApp)para administrar a Cisco IDS nateriores a 4.1(5c), e IPS 5.0 anteriores a 5.0(6p1) y 5.1 anteriores a 5.1(2)permite a un atacante remoto provocar una denegaci\u00f3n de servicio (dispositivo sin respuesta) a trav\u00e9s de un paquete artesanal SSLv2 Client Hello."
}
],
"id": "CVE-2006-4910",
"lastModified": "2024-11-21T00:17:07.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-21T00:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22046"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016891"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/29037"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20124"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3721"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/29037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-21 00:07
Modified
2024-11-21 00:17
Severity ?
Summary
Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | * | |
| cisco | ips_sensor_software | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A17165F9-508D-4A38-AC9E-8AFAF37BAD41",
"versionEndExcluding": "5.0\\(6p2\\)",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFFF424-174F-4A70-8FFD-620DF177012A",
"versionEndExcluding": "5.1\\(2\\)",
"versionStartIncluding": "5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a \"crafted sequence of fragmented IP packets\"."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Cisco IPS 5.0 anterior a 5.0(6p2) y en 5.1 anterior a 5.1(2), cuando se ejecuta en modo inline o promiscuo, permite a atacantes remotos evitar la inspecci\u00f3n del tr\u00e1fico v\u00eda una \"secuencia artesanal de paquetes IP fragmentados\"."
}
],
"id": "CVE-2006-4911",
"lastModified": "2024-11-21T00:17:07.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-21T00:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22022"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/29036"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/20127"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/29036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/20127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29058"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-23 04:00
Modified
2024-11-21 00:00
Severity ?
Summary
Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | 5.0\(1\) | |
| cisco | ips_sensor_software | 5.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C36B2596-ECC6-47B6-9BB6-95F903281EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225CF995-082E-47CD-8673-F8F9832DA6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors."
}
],
"id": "CVE-2005-2681",
"lastModified": "2024-11-21T00:00:08.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-23T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16545"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14633"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-22 21:55
Modified
2024-11-21 02:02
Severity ?
Summary
The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | * | |
| cisco | ips_sensor_software | 7.1\(2\)e4 | |
| cisco | ips_sensor_software | 7.1\(3\)e4 | |
| cisco | ips_sensor_software | 7.1\(4\)e4 | |
| cisco | ips_sensor_software | 7.1\(6\)e4 | |
| cisco | ips_sensor_software | 7.1\(7\)e4 | |
| cisco | ips_sensor_software | 7.1\(8\)e4 | |
| cisco | ips_sensor_software | 7.2\(1\)e4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7362D97-8656-4FB9-9D6C-FD6288F4913B",
"versionEndIncluding": "7.1\\(1\\)e4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(2\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA25FBCD-4CED-474A-8C75-1ABD809D1537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(3\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "B848150C-DA8E-4C23-8740-07F3DEA86CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(4\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "75E157D7-54D8-4241-BF6C-259048C28815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(6\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "420EFB20-851C-468B-8584-08929762D2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(7\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "2D165213-7512-467F-8C29-F882DF05A017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.1\\(8\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA6992B-2825-4D37-9637-F153B697767C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(1\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0E024F-9E6A-4CC3-AA35-71D919FFE422",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394."
},
{
"lang": "es",
"value": "La implementaci\u00f3n control-plane access-list en Cisco IPS Software en versiones anteriores a 7.1(8p2)E4 y 7.2 en versiones anteriores a 7.2(2)E4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del proceso MainApp) a trav\u00e9s de paquetes manipulados a puerto TCP 7000, tambi\u00e9n conocido como Bug ID CSCui67394."
}
],
"id": "CVE-2014-0719",
"lastModified": "2024-11-21T02:02:41.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-22T21:55:09.577",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-16 01:19
Modified
2024-11-21 00:31
Severity ?
Summary
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | 4.0 | |
| cisco | ips_sensor_software | 5.0\(1\) | |
| cisco | ips_sensor_software | 5.0\(2\) | |
| cisco | ips_sensor_software | 5.0\(6\)p1 | |
| cisco | ips_sensor_software | 5.1\(1\) | |
| cisco | ips_sensor_software | 5.1\(1a\) | |
| cisco | ips_sensor_software | 5.1\(1b\) | |
| cisco | ips_sensor_software | 5.1\(1c\) | |
| cisco | ips_sensor_software | 5.1\(1d\) | |
| cisco | ips_sensor_software | 5.1\(1e\) | |
| cisco | ips_sensor_software | 5.1\(p1\) | |
| cisco | ios | 10.0 | |
| cisco | ios | 11.1cc | |
| cisco | ios | 11.3 | |
| cisco | ios | 12.0 | |
| cisco | ios | 12.0s | |
| cisco | ios | 12.0st | |
| cisco | ios | 12.0t | |
| cisco | ios | 12.1 | |
| cisco | ios | 12.1e | |
| cisco | ios | 12.1t | |
| cisco | ios | 12.2 | |
| cisco | ios | 12.2t |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B82862D-C006-4846-987B-F8FB113DF984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C36B2596-ECC6-47B6-9BB6-95F903281EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "225CF995-082E-47CD-8673-F8F9832DA6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEC4E54-69C0-4115-8F57-6B25694BA07D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EC9FE98-33D1-4072-A9AE-91E014227599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EBC14025-7D62-4264-A898-5085E0227F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44C6A1AB-7598-4477-AB3D-4648813855FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E703CAFC-2ED8-4B71-8559-593BF46EE568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE533A9E-2868-4C66-8ADD-D1785FFD4726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34E4B9CD-D564-4FB4-BE61-B5E61E8847D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "344A1DD4-8A6B-46CF-B334-CE809932C7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1cc:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F31EAA-F76F-4182-B90D-6997E52EEB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2C398460-3F38-4AA7-A4B1-FD8A01588DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEA01D2-B985-4575-AF00-144CE2E3024D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7F94E8-86FC-456B-A7BB-57953F67F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "7126E176-D739-4102-8F10-1EEB8C6A219D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "752C3C6B-910D-4153-A162-DF255F60306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
},
{
"lang": "es",
"value": "El Sistema de Prevenci\u00f3n de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podr\u00eda permitir a atacantes remotos evadir la detecci\u00f3n de tr\u00e1fico HTTP."
}
],
"id": "CVE-2007-2688",
"lastModified": "2024-11-21T00:31:24.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-16T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25285"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/35336"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23980"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018053"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018054"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/35336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-21 11:59
Modified
2024-11-21 02:23
Severity ?
Summary
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(1\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0E024F-9E6A-4CC3-AA35-71D919FFE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(2\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE4ECF3-881A-43A5-BBE2-4DCACD399EC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ids_4210:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F16322D-1B9A-4378-8A19-AD108FAC7D07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4215:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79D91EA2-CD3F-4C3C-B052-72ADDE6D79A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4220:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56161609-806D-4FF6-9B0B-E2AD491D7066",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4230:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E021E32E-F237-4249-BC22-7226FDD158D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4235:*:*:*:*:*:*:*:*",
"matchCriteriaId": "909D1328-04C6-4870-B7BA-6ED45F15FF38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10446949-EDCA-4775-B8CA-AB8FC32B8EF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ids_4250_xl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24ABF6DE-3A80-4D1D-801E-20F5CF26C68A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ips_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A7A3E-09E3-44DA-AEB5-8021BCEF30EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ips_4255:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2BCB3B-CE33-4B96-A125-8E7001845A5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ips_4260:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3637DA-60C8-4F15-8906-F67ADA344A18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ips_4270:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78AE85C6-12A9-4FF6-84CD-C9A197A846F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en la implementaci\u00f3n SSL en los dispositivos Cisco Intrusion Prevention System (IPS) permite a atacantes remotos causar una denegaci\u00f3n de servicio al hacer muchas conexiones HTTPS de la interfaz de gesti\u00f3n durante la fase de la regeneraci\u00f3n de claves de una actualizaci\u00f3n, tambi\u00e9n conocido como Bug ID CSCui25688."
}
],
"id": "CVE-2015-0631",
"lastModified": "2024-11-21T02:23:26.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-21T11:59:04.027",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/72700"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1031780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031780"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-18 15:37
Modified
2024-11-21 00:13
Severity ?
Summary
The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ips_sensor_software | 5.1\(1\) | |
| cisco | ips_sensor_software | 5.1\(1a\) | |
| cisco | ips_sensor_software | 5.1\(1b\) | |
| cisco | ips_sensor_software | 5.1\(1c\) | |
| cisco | ips_sensor_software | 5.1\(1d\) | |
| cisco | ips_sensor_software | 5.1\(1e\) | |
| cisco | ips_sensor_software | 5.1\(p1\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EC9FE98-33D1-4072-A9AE-91E014227599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EBC14025-7D62-4264-A898-5085E0227F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44C6A1AB-7598-4477-AB3D-4648813855FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E703CAFC-2ED8-4B71-8559-593BF46EE568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE533A9E-2868-4C66-8ADD-D1785FFD4726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34E4B9CD-D564-4FB4-BE61-B5E61E8847D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "344A1DD4-8A6B-46CF-B334-CE809932C7F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet."
},
{
"lang": "es",
"value": "El controlador de dispositivo para los adaptadores de red gigabit basado en Intel en Cisco Intrusion Prevention System (IPS) 5.1(1) hasta la 5.1(p1), instalado en appliances Cisco Intrusion Prevention System 42xx, permite a atacantes remotos provocar denegaci\u00f3n de servicio (kernel panic y posiblemente interrupci\u00f3n de la red) a trav\u00e9s de paquetes IP manipulados."
}
],
"id": "CVE-2006-3596",
"lastModified": "2024-11-21T00:13:59.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-18T15:37:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21029"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016474"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27163"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18955"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2772"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27692"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2006-3596
Vulnerability from cvelistv5
Published
2006-07-14 20:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016474 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/21029 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/18955 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27692 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2006/2772 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.osvdb.org/27163 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016474",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016474"
},
{
"name": "21029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21029"
},
{
"name": "18955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18955"
},
{
"name": "cisco-ips-ip-packet-dos(27692)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27692"
},
{
"name": "ADV-2006-2772",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2772"
},
{
"name": "20060712 Cisco Intrusion Prevention System Malformed Packet Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml"
},
{
"name": "27163",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016474",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016474"
},
{
"name": "21029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21029"
},
{
"name": "18955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18955"
},
{
"name": "cisco-ips-ip-packet-dos(27692)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27692"
},
{
"name": "ADV-2006-2772",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2772"
},
{
"name": "20060712 Cisco Intrusion Prevention System Malformed Packet Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml"
},
{
"name": "27163",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016474",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016474"
},
{
"name": "21029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21029"
},
{
"name": "18955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18955"
},
{
"name": "cisco-ips-ip-packet-dos(27692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27692"
},
{
"name": "ADV-2006-2772",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2772"
},
{
"name": "20060712 Cisco Intrusion Prevention System Malformed Packet Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml"
},
{
"name": "27163",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3596",
"datePublished": "2006-07-14T20:00:00",
"dateReserved": "2006-07-14T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2681
Vulnerability from cvelistv5
Published
2005-08-23 04:00
Modified
2024-08-07 22:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/16545 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/21947 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/14633 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:01.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16545"
},
{
"name": "20050822 Cisco Intrusion Prevention System Vulnerable to Privilege Escalation",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"name": "cisco-ips-cli-gain-privileges(21947)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
},
{
"name": "14633",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16545",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16545"
},
{
"name": "20050822 Cisco Intrusion Prevention System Vulnerable to Privilege Escalation",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"name": "cisco-ips-cli-gain-privileges(21947)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
},
{
"name": "14633",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16545"
},
{
"name": "20050822 Cisco Intrusion Prevention System Vulnerable to Privilege Escalation",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml"
},
{
"name": "cisco-ips-cli-gain-privileges(21947)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21947"
},
{
"name": "14633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2681",
"datePublished": "2005-08-23T04:00:00",
"dateReserved": "2005-08-23T00:00:00",
"dateUpdated": "2024-08-07T22:45:01.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0719
Vulnerability from cvelistv5
Published
2014-02-22 21:00
Modified
2024-08-06 09:27
Severity ?
EPSS score ?
Summary
The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-24T05:57:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-0719",
"datePublished": "2014-02-22T21:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2024-08-06T09:27:19.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0720
Vulnerability from cvelistv5
Published
2014-02-22 21:00
Modified
2024-08-06 09:27
Severity ?
EPSS score ?
Summary
Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-24T05:57:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-0720",
"datePublished": "2014-02-22T21:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2024-08-06T09:27:19.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2688
Vulnerability from cvelistv5
Published
2007-05-16 01:00
Modified
2024-08-07 13:49
Severity ?
EPSS score ?
Summary
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.osvdb.org/35336 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/739224 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.vupen.com/english/advisories/2007/1803 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1018053 | vdb-entry, x_refsource_SECTRACK | |
| http://www.gamasec.net/english/gs07-01.html | x_refsource_MISC | |
| http://secunia.com/advisories/25285 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1018054 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/23980 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34277 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/468633/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5465",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
},
{
"name": "35336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35336"
},
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "ADV-2007-1803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"name": "1018053",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "25285",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25285"
},
{
"name": "1018054",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018054"
},
{
"name": "23980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23980"
},
{
"name": "20070514 HTTP Full-Width and Half-Width Unicode Encoding Evasion",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
},
{
"name": "cisco-scanengine-unicode-security-bypass(34277)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5465",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
},
{
"name": "35336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35336"
},
{
"name": "VU#739224",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "ADV-2007-1803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"name": "1018053",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "25285",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25285"
},
{
"name": "1018054",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018054"
},
{
"name": "23980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23980"
},
{
"name": "20070514 HTTP Full-Width and Half-Width Unicode Encoding Evasion",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
},
{
"name": "cisco-scanengine-unicode-security-bypass(34277)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5465",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
},
{
"name": "35336",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35336"
},
{
"name": "VU#739224",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"name": "ADV-2007-1803",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"name": "1018053",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018053"
},
{
"name": "http://www.gamasec.net/english/gs07-01.html",
"refsource": "MISC",
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"name": "25285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25285"
},
{
"name": "1018054",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018054"
},
{
"name": "23980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23980"
},
{
"name": "20070514 HTTP Full-Width and Half-Width Unicode Encoding Evasion",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
},
{
"name": "cisco-scanengine-unicode-security-bypass(34277)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"name": "20070515 GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2688",
"datePublished": "2007-05-16T01:00:00",
"dateReserved": "2007-05-15T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0631
Vulnerability from cvelistv5
Published
2015-02-21 11:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/72700 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1031780 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150220 Cisco Intrusion Prevention System Key Regeneration HTTPS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631"
},
{
"name": "72700",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72700"
},
{
"name": "1031780",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031780"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-27T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150220 Cisco Intrusion Prevention System Key Regeneration HTTPS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631"
},
{
"name": "72700",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72700"
},
{
"name": "1031780",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031780"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150220 Cisco Intrusion Prevention System Key Regeneration HTTPS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631"
},
{
"name": "72700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72700"
},
{
"name": "1031780",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031780"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0631",
"datePublished": "2015-02-21T11:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0718
Vulnerability from cvelistv5
Published
2014-02-22 21:00
Modified
2024-08-06 09:27
Severity ?
EPSS score ?
Summary
The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-24T05:57:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140219 Multiple Vulnerabilities in Cisco IPS Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-0718",
"datePublished": "2014-02-22T21:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2024-08-06T09:27:19.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4911
Vulnerability from cvelistv5
Published
2006-09-21 00:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets".
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/20127 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/29036 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29058 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1016891 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/658884 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/22022 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/3721 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20127"
},
{
"name": "29036",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29036"
},
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "cisco-ips-frag-bypass(29058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29058"
},
{
"name": "1016891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#658884",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"name": "22022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22022"
},
{
"name": "ADV-2006-3721",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a \"crafted sequence of fragmented IP packets\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20127"
},
{
"name": "29036",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29036"
},
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "cisco-ips-frag-bypass(29058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29058"
},
{
"name": "1016891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#658884",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"name": "22022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22022"
},
{
"name": "ADV-2006-3721",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a \"crafted sequence of fragmented IP packets\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20127"
},
{
"name": "29036",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29036"
},
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "cisco-ips-frag-bypass(29058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29058"
},
{
"name": "1016891",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#658884",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"name": "22022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22022"
},
{
"name": "ADV-2006-3721",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4911",
"datePublished": "2006-09-21T00:00:00",
"dateReserved": "2006-09-20T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4910
Vulnerability from cvelistv5
Published
2006-09-21 00:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/22046 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/20124 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1016891 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/642076 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29056 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/29037 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/3721 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "22046",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22046"
},
{
"name": "20124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20124"
},
{
"name": "1016891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#642076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"name": "cisco-ips-ssl-dos(29056)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
},
{
"name": "29037",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29037"
},
{
"name": "ADV-2006-3721",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "22046",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22046"
},
{
"name": "20124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20124"
},
{
"name": "1016891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#642076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"name": "cisco-ips-ssl-dos(29056)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
},
{
"name": "29037",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29037"
},
{
"name": "ADV-2006-3721",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"name": "22046",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22046"
},
{
"name": "20124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20124"
},
{
"name": "1016891",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016891"
},
{
"name": "VU#642076",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"name": "cisco-ips-ssl-dos(29056)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
},
{
"name": "29037",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29037"
},
{
"name": "ADV-2006-3721",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3721"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4910",
"datePublished": "2006-09-21T00:00:00",
"dateReserved": "2006-09-20T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}