ID |
CVE-2007-5421
|
Summary |
** REJECT ** Multiple stack-based buffer overflows in Cisco IOS 12.x and IOS XR allow attackers to execute arbitrary code, as demonstrated via the "Bind Shell", "Reverse Shell", and "Two byte rootshell (Tiny Shell)" attacks. NOTE: the vendor and researcher agree that this issue does not cross privilege boundaries, saying they do not "represent a vulnerability." The disclosure was intended to demonstrate techniques for exploitation, which is not covered by CVE. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 |
Impact: | |
Exploitability: | |
|
Access |
Vector | Complexity | Authentication |
|
|
|
|
Impact |
Confidentiality | Integrity | Availability |
|
|
|
|
refmap
via4
|
bid | 25994 | bugtraq | - 20071010 Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
- 20071010 RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
- 20071011 Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
- 20071016 RE: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
| misc | |
|
Last major update |
11-09-2008 - 01:01 |
Published |
12-10-2007 - 21:17 |
Last modified |
11-09-2008 - 01:01 |