FKIE_CVE-2007-2688

Vulnerability from fkie_nvd - Published: 2007-05-16 01:19 - Updated: 2025-04-09 00:30
Summary
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
References
Source URL Tags
cve@mitre.org http://secunia.com/advisories/25285 Vendor Advisory
cve@mitre.org http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html
cve@mitre.org http://www.gamasec.net/english/gs07-01.html
cve@mitre.org http://www.kb.cert.org/vuls/id/739224 US Government Resource
cve@mitre.org http://www.osvdb.org/35336
cve@mitre.org http://www.securityfocus.com/archive/1/468633/100/0/threaded
cve@mitre.org http://www.securityfocus.com/bid/23980
cve@mitre.org http://www.securitytracker.com/id?1018053
cve@mitre.org http://www.securitytracker.com/id?1018054
cve@mitre.org http://www.vupen.com/english/advisories/2007/1803
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/34277
cve@mitre.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/25285 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html
af854a3a-2127-422b-91ae-364da2661108 http://www.gamasec.net/english/gs07-01.html
af854a3a-2127-422b-91ae-364da2661108 http://www.kb.cert.org/vuls/id/739224 US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/35336
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/468633/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/23980
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1018053
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1018054
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/1803
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/34277
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465
Impacted products
Vendor Product Version
cisco ips_sensor_software 4.0
cisco ips_sensor_software 5.0\(1\)
cisco ips_sensor_software 5.0\(2\)
cisco ips_sensor_software 5.0\(6\)p1
cisco ips_sensor_software 5.1\(1\)
cisco ips_sensor_software 5.1\(1a\)
cisco ips_sensor_software 5.1\(1b\)
cisco ips_sensor_software 5.1\(1c\)
cisco ips_sensor_software 5.1\(1d\)
cisco ips_sensor_software 5.1\(1e\)
cisco ips_sensor_software 5.1\(p1\)
cisco ios 10.0
cisco ios 11.1cc
cisco ios 11.3
cisco ios 12.0
cisco ios 12.0s
cisco ios 12.0st
cisco ios 12.0t
cisco ios 12.1
cisco ios 12.1e
cisco ios 12.1t
cisco ios 12.2
cisco ios 12.2t

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B82862D-C006-4846-987B-F8FB113DF984",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C36B2596-ECC6-47B6-9BB6-95F903281EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "225CF995-082E-47CD-8673-F8F9832DA6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AEC4E54-69C0-4115-8F57-6B25694BA07D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC9FE98-33D1-4072-A9AE-91E014227599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC14025-7D62-4264-A898-5085E0227F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "44C6A1AB-7598-4477-AB3D-4648813855FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E703CAFC-2ED8-4B71-8559-593BF46EE568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DE533A9E-2868-4C66-8ADD-D1785FFD4726",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1e\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "34E4B9CD-D564-4FB4-BE61-B5E61E8847D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(p1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "344A1DD4-8A6B-46CF-B334-CE809932C7F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.1cc:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F31EAA-F76F-4182-B90D-6997E52EEB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C398460-3F38-4AA7-A4B1-FD8A01588DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBEA01D2-B985-4575-AF00-144CE2E3024D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7F94E8-86FC-456B-A7BB-57953F67F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "7126E176-D739-4102-8F10-1EEB8C6A219D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*",
              "matchCriteriaId": "752C3C6B-910D-4153-A162-DF255F60306B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
              "matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic."
    },
    {
      "lang": "es",
      "value": "El Sistema de Prevenci\u00f3n de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podr\u00eda permitir a atacantes remotos evadir la detecci\u00f3n de tr\u00e1fico HTTP."
    }
  ],
  "id": "CVE-2007-2688",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-16T01:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25285"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gamasec.net/english/gs07-01.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/739224"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35336"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23980"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018053"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1803"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25285"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gamasec.net/english/gs07-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/739224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23980"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1803"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5465"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

