Denial of Service Vulnerability in Cisco IOS Products
CVE-2007-4430

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios; Cli; Ids; Ios Xr
Vendor: CVE Published:; 20 August 2007

Summary

An unspecified vulnerability in Cisco IOS versions 12.0 through 12.4 permits context-dependent attackers to induce a denial of service. This occurs via the use of crafted regular expressions within the 'show ip bgp regexp' command, which can lead to device restarts and a rebuild of the BGP routing table. Notably, this issue can enable unauthenticated remote attacks in configurations that allow anonymous Telnet access and Looking Glass capabilities.

References

http://secunia.com/advisories/26798

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/25352

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1018685

vdb-entryx_refsource_SECTRACK

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 20, 2007
Vulnerability Reserved
Aug 20, 2007