CVE-2008-3806

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 26-09-2008 06:21

Last modified: - 02-06-2022 07:18

Total changes: - 2

Description

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:P/A:C

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

8.5

Base score

10.0

7.8

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=ios AND version=12.3bc

vendor=cisco AND product=ios AND version=12.0st

vendor=cisco AND product=ios AND version=12.3xi

vendor=cisco AND product=ios AND version=12.2zx

vendor=cisco AND product=ios AND version=12.3t

vendor=cisco AND product=ios AND version=12.2sca

vendor=cisco AND product=ios AND version=12.0sl

vendor=cisco AND product=ios AND version=12.2sb

vendor=cisco AND product=ios AND version=12.4

vendor=cisco AND product=ios AND version=12.0s

vendor=cisco AND product=ios AND version=12.2src

Reference

20080924 Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability-Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=16646
31990-Third Party Advisory
ios-udp-ipc-dos-variant2(45592)-Third Party Advisory, VDB Entry
oval:org.mitre.oval:def:7123-Third Party Advisory

Keywords

CVE-2008-3806

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2008-3806

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures