Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105656
Category:CISCO
Title:Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
Summary:Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS);feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist.;;Cisco has released software updates that address this vulnerability.;;Workarounds that mitigate this vulnerability are available.;;Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories.;Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager.;Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory;as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication.;;Individual publication links are in `Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication` at the referenced link.
Description:Summary:
Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS)
feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist.

Cisco has released software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories.
Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager.
Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory
as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication.

Individual publication links are in `Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication` at the referenced link.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3950
BugTraq ID: 55695
http://www.securityfocus.com/bid/55695
Cisco Security Advisory: 20120926 Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ios-ips
http://www.securitytracker.com/id?1027580
http://secunia.com/advisories/50777
XForce ISS Database: ciscoios-ips-dos(78882)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78882
CopyrightThis script is Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.