1. CVE-Search
  2. CVE-2007-4285
ID CVE-2007-4285
Summary Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:C
oval via4
accepted 2008-09-08T04:00:52.250-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
family ios
id oval:org.mitre.oval:def:5840
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS 12.3 IPv6 Packet Processing Information Leakage Vulnerability
version 3
refmap via4
cisco 20070808 Cisco IOS Information Leakage Using IPv6 Routing Header
sectrack 1018542
secunia 26359
vupen ADV-2007-2819
xf cisco-ios-ipv6-header-dos(35906)
Last major update 29-09-2017 - 01:29
Published 09-08-2007 - 21:17
Last modified 29-09-2017 - 01:29
Back to Top