FKIE_CVE-2007-4430

Vulnerability from fkie_nvd - Published: 2007-08-20 19:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
References
cve@mitre.orghttp://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9
cve@mitre.orghttp://secunia.com/advisories/26798Vendor Advisory
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html
cve@mitre.orghttp://www.heise-security.co.uk/news/94526/
cve@mitre.orghttp://www.securityfocus.com/bid/25352
cve@mitre.orghttp://www.securitytracker.com/id?1018685
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/3136Vendor Advisory
cve@mitre.orghttps://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html
cve@mitre.orghttps://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html
af854a3a-2127-422b-91ae-364da2661108http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26798Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html
af854a3a-2127-422b-91ae-364da2661108http://www.heise-security.co.uk/news/94526/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25352
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018685
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3136Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html
af854a3a-2127-422b-91ae-364da2661108https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html
Impacted products
Vendor Product Version
cisco cli *
cisco cbos *
cisco cbos 12.1
cisco cbos 12.2
cisco ids *
cisco ios 10.0
cisco ios 10.3
cisco ios 11.0
cisco ios 11.1
cisco ios 11.2
cisco ios 12.0
cisco ios 12.1
cisco ios 12.2
cisco ios 12.3
cisco ios 12.4
cisco ios_xr *
cisco ios_xr 2.0
cisco ios_xr 3.0
cisco ios_xr 3.1
cisco ios_xr 3.2
cisco ios_xr 3.3
cisco ios_xr 3.4
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cli:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "687692A2-8316-4AF0-A121-87B1E3A59370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1AB2C2F-FEBB-4DCE-BD39-11AA7A9C89A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75466FDB-6AC4-4DA0-85E0-284FB7B2470A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:cbos:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "761965AE-DC5E-481C-A8D5-FBC51AEE93E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ids:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7BDB76F-07E0-4E56-85A8-24A59F93CAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3824A6CC-5C3A-4146-9CDD-B7B213527552",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8026B11-6144-467F-8094-F4F73CD37526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB31FAC-D720-4BF1-BFCC-0A9B714E292A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4F71CB-B8D6-44AA-B0E8-E6EC92F4273E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D69F8FA-D58A-4F53-86D8-A20C73E9B299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD331C50-DB93-4001-B56A-C1012F894CDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75538529-611A-43B5-AC4D-089C4E2E2ACC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a \"show ip bgp regexp\" command.  NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4,  permite a atacantes  dependiendo del contexto causar una denegaci\u00f3n de servicio (reinicio del dispositivo y reconstrucci\u00f3n de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando \"show ip bgp regexp\". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso an\u00f3nimo a telnet y Looking Glass."
    }
  ],
  "id": "CVE-2007-4430",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-20T19:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.heise-security.co.uk/news/94526/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018685"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3136"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://forum.cisco.com/eforum/servlet/NetProf?page=netprof\u0026forum=Network%20Infrastructure\u0026topic=WAN%2C%20Routing%20and%20Switching\u0026CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.heise-security.co.uk/news/94526/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://puck.nether.net/pipermail/cisco-nsp/2007-August/043010.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.