CVE-2008-2739 — Cisco IOS vulnerability

CWE-3994 documents4 sources

Severity

7.8HIGHNVD

CNA6.8

EPSS

0.7%

top 28.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedSep 26

Latest updateMay 1

Description

The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/ios23 versions+22

🔴Vulnerability Details

GHSA

GHSA-3x69-mjh4-vwh4: The SERVICE↗2022-05-01

▶

CVEList

CVE-2008-2739: The SERVICE↗2008-09-26

▶

📋Vendor Advisories

Cisco

Cisco IOS IPS Denial of Service Vulnerability↗2008-09-24

▶