CVE-2008-2739

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 26-09-2008 06:21

Last modified: - 02-06-2022 07:09

Total changes: - 2

Description

The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:N/A:C

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

7.8

Base score

10.0

6.9

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=ios AND version=12.3xr

vendor=cisco AND product=ios AND version=12.3ya

vendor=cisco AND product=ios AND version=12.3xs

vendor=cisco AND product=ios AND version=12.4xj

vendor=cisco AND product=ios AND version=12.4xt

vendor=cisco AND product=ios AND version=12.3t

vendor=cisco AND product=ios AND version=12.4xf

vendor=cisco AND product=ios AND version=12.4xv

vendor=cisco AND product=ios AND version=12.3yd

vendor=cisco AND product=ios AND version=12.3xl

vendor=cisco AND product=ios AND version=12.3yi

vendor=cisco AND product=ios AND version=12.3xq

vendor=cisco AND product=ios AND version=12.3xx

vendor=cisco AND product=ios AND version=12.3yg

vendor=cisco AND product=ios AND version=12.3yh

vendor=cisco AND product=ios AND version=12.3yk

vendor=cisco AND product=ios AND version=12.3ys

vendor=cisco AND product=ios AND version=12.3yt

vendor=cisco AND product=ios AND version=12.3za

vendor=cisco AND product=ios AND version=12.4xa

vendor=cisco AND product=ios AND version=12.4xc

vendor=cisco AND product=ios AND version=12.4xe

vendor=cisco AND product=ios AND version=12.4xk

Reference

20080924 Cisco IOS IPS Denial of Service Vulnerability-Vendor Advisory
31990-Third Party Advisory
ADV-2008-2670-Permissions Required, Third Party Advisory
oval:org.mitre.oval:def:6058-Broken Link

Keywords

CVE-2008-2739

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2008-2739

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures