CVE-2007-0918

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.

Published: Feb 14, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-0918
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / ios	12.3ym	12.3ym.x
cisco / ios	12.3yq	12.3yq.x
cisco / ios	12.3xr	12.3xr.x
cisco / ios	12.4t	12.4t.x
cisco / ios	12.3ya	12.3ya.x
cisco / ios	12.3xs	12.3xs.x
cisco / ios	12.3xw	12.3xw.x
cisco / ios	12.4mr	12.4mr.x
cisco / ios	12.3yj	12.3yj.x
cisco / ios	12.3t	12.3t.x
cisco / ios	12.3yd	12.3yd.x
cisco / ios	12.3yk	12.3yk.x
cisco / ios	12.3yt	12.3yt.x
cisco / ios	12.3yz	12.3yz.x
cisco / ios	12.3yg	12.3yg.x
cisco / ios	12.3xy	12.3xy.x
cisco / ios	12.4	12.4.x
cisco / ios	12.4xa	12.4xa.x
cisco / ios	12.3yx	12.3yx.x
cisco / ios	12.3xq	12.3xq.x
cisco / ios	12.3ys	12.3ys.x
cisco / ios	12.3yh	12.3yh.x
cisco / ios	12.4xb	12.4xb.x
cisco / ios	12.3xx	12.3xx.x
cisco / ios	12.3yi	12.3yi.x

Vulnerability Database

289,782

CVE-2007-0918