Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CISCO >> Cisco IOS Intrusion Prevention System Multiple Vulnerabilities


Vulnerability Assessment Details

Cisco IOS Intrusion Prevention System Multiple Vulnerabilities

Vulnerability Assessment Summary
Uses SNMP to determine if a flaw is present

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote CISCO device can be crashed remotely

Description :


The remote version of IOS contains an intrusion prevention system which
is vulnerable to a fragmented packet evasion vulnerability and to a denial
of service vulnerability.

A possible hacker might use these flaws to disable this device remotely or to
sneak past the IPS.

Solution :

http://www.cisco.com/warp/public/707/cisco-sa-20070213-iosips.shtml

Network Security Threat Level:

High / CVSS Base Score : 8.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:C/B:A)

Networks Security ID: 22549

Vulnerability Assessment Copyright: This script is (C) 2007 Tenable Network Security

Cables, Connectors

Cisco PIX 515 Firewall
$39.99
Cisco PIX 515 Firewall pictureDell SonicWALL NSA 4500 HA Network Security Appliance 1RK13-051 Transferable
$288.0
Dell SonicWALL NSA 4500 HA Network Security Appliance 1RK13-051 Transferable pictureNetgear ProSecure Unified Threat Management UTM150 Security Appliance Firewall
$96.0
Netgear ProSecure Unified Threat Management UTM150 Security Appliance Firewall pictureJuniper Networks SSG5 SSG-5-SH-MW-US 7 Port Wireless Router Firewall VPN Gateway
$149.99
Juniper Networks SSG5 SSG-5-SH-MW-US 7 Port Wireless Router Firewall VPN Gateway picture


Discussions

No Discussions have been posted on this vulnerability.