CVE-2008-2739
published 2008-09-26CVE-2008-2739: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service…
high7.8CVSS 3.1
AVNACLAuNCNINAC
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios_ips | — | — |
GHSA
GHSA-3x69-mjh4-vwh4: The SERVICE
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2008-2739 [MEDIUM] GHSA-3x69-mjh4-vwh4: The SERVICE
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
Cisco
Cisco IOS IPS Denial of Service Vulnerability
vendor_cisco·2008-09-24·CVSS 6.8
CVE-2008-2739 [MEDIUM] CWE-399 Cisco IOS IPS Denial of Service Vulnerability
Cisco IOS IPS Denial of Service Vulnerability
The Cisco IOS Intrusion Prevention System (IPS) feature contains a
vulnerability in the processing of certain IPS signatures that use the
SERVICE.DNS engine. This vulnerability may cause a router to crash or hang,
resulting in a denial of service condition.
Cisco has released software updates that address this vulnerability. There is a workaround for this vulnerability.
Note: This vulnerability is not related in any way to CVE-2008-1447 - Cache
poisoning attacks. Cisco Systems has published a Cisco Security Advisory for
that vulnerability, which can be found at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080708-dns.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/con
Cisco
Cisco IOS IPS Denial of Service Vulnerability
vendor_cisco
CVE-2008-2739 Cisco IOS IPS Denial of Service Vulnerability
CVE-2008-2739: Cisco IOS IPS Denial of Service Vulnerability
The Cisco IOS Intrusion Prevention System (IPS) feature contains a vulnerability in the processing of certain IPS signatures that use the SERVICE.DNS engine. This vulnerability may cause a router to crash or hang, resulting in a denial of service condition. Cisco has released software updates that address this vulnerability. There is a workaround for this vulnerability. Note: This vulnerability is not related in any way to CVE-2008-1447 - Cache poisoning attacks. Cisco Systems has published a Cisco Security Advisory for that vulnerability, which can be found at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080708-dns . This advisory is posted at https://sec.cloudapps.cisco.com/security/c
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/31990http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtmlhttp://www.vupen.com/english/advisories/2008/2670https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058http://secunia.com/advisories/31990http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtmlhttp://www.vupen.com/english/advisories/2008/2670https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058
2008-09-26
Published