fkie_nvd - fkie_cve-2008-2739

fkie_cve-2008-2739

Vulnerability from fkie_nvd

Published

2008-09-26 16:21

Modified

2025-04-09 00:30

Severity ?

Summary

The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.

References

URL	Tags
psirt@cisco.com	http://secunia.com/advisories/31990	Third Party Advisory
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml	Vendor Advisory
psirt@cisco.com	http://www.vupen.com/english/advisories/2008/2670	Permissions Required, Third Party Advisory
psirt@cisco.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31990	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2670	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058	Broken Link

Impacted products

Vendor	Product	Version
cisco	ios	12.3t
cisco	ios	12.3xl
cisco	ios	12.3xq
cisco	ios	12.3xr
cisco	ios	12.3xs
cisco	ios	12.3xx
cisco	ios	12.3ya
cisco	ios	12.3yd
cisco	ios	12.3yg
cisco	ios	12.3yh
cisco	ios	12.3yi
cisco	ios	12.3yk
cisco	ios	12.3ys
cisco	ios	12.3yt
cisco	ios	12.3za
cisco	ios	12.4xa
cisco	ios	12.4xc
cisco	ios	12.4xe
cisco	ios	12.4xf
cisco	ios	12.4xj
cisco	ios	12.4xk
cisco	ios	12.4xt
cisco	ios	12.4xv

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C3B413-76F7-413B-A51F-29834F9DE722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xl:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FC4904-1F4D-4E10-AF95-911B07827598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xq:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B9E611-3F06-424C-96EF-EE4997C70AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xr:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0A5760A-9FFE-4941-B2BD-7DD54B1E1B37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xs:*:*:*:*:*:*:*",
              "matchCriteriaId": "98FE195E-084B-4F4C-800D-850165DED48C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1976E53-85A6-494F-B8AC-847E7988850C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3ya:*:*:*:*:*:*:*",
              "matchCriteriaId": "320C5597-68BE-4899-9EBB-9B4DEE8EA7DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yd:*:*:*:*:*:*:*",
              "matchCriteriaId": "520304A4-EB15-42A8-A402-8251A4D2076D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yg:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA88C064-898F-4C0D-A266-D7B3509C28A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yh:*:*:*:*:*:*:*",
              "matchCriteriaId": "139B1182-61A3-4F3D-9E29-758F27917646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yi:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC3706F-B00A-405E-917E-7FD5217E0501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yk:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF4D0E3-8015-4D6F-8364-B6EEAAE67971",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3ys:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF9D6B6-E51F-44FF-97E5-15E0C4E9C3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yt:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25C42FA-37F4-4B7F-AFCA-D7F081F58CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3za:*:*:*:*:*:*:*",
              "matchCriteriaId": "3870C62F-D086-419C-A0E6-815E9ED5DE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xa:*:*:*:*:*:*:*",
              "matchCriteriaId": "99235FFB-4439-40B2-ADBD-B08E5DBBCCB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xc:*:*:*:*:*:*:*",
              "matchCriteriaId": "544BD924-2CBD-4130-BBD3-5AD084C85FE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xe:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F36C3D-E9A2-41A1-BE71-4D8B00D228E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xf:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1CD80F-E898-41CE-8A86-28C2F48B928A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xj:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF610051-1638-4C1B-9864-11E34EFC4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xk:*:*:*:*:*:*:*",
              "matchCriteriaId": "78260223-50C0-48F8-9A65-AE67489E602C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xt:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFED1FFB-899D-4A48-9CCA-0B8737AE1408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xv:*:*:*:*:*:*:*",
              "matchCriteriaId": "883FA166-2973-42BA-842D-28FBDBFEAC4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447."
    },
    {
      "lang": "es",
      "value": "El motor de firma SERVICE.DNS en  Intrusion Prevention System  (IPS) en Cisco IOS v12.3 y v12.4, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o cuelgue de dispositivo) a trav\u00e9s de tr\u00e1fico de red que lanza un firma IPS sin especificar. Vulnerabilidad distinta de CVE-2008-1447."
    }
  ],
  "id": "CVE-2008-2739",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-26T16:21:43.957",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2008-2739 (GCVE-0-2008-2739)

Vulnerability from cvelistv5

Published

2008-09-26 16:00