Denial of Service Vulnerability in Cisco Intrusion Prevention System Software
CVE-2013-3410

Currently unrated

Key Information:

Vendor: Cisco
Status: Intrusion Prevention System; Ips Nme
Vendor: CVE Published:; 18 July 2013

Summary

Cisco Intrusion Prevention System (IPS) Software on affected IPS NME devices prior to version 7.0(9)E4 is vulnerable to a denial of service attack. Remote attackers can exploit this vulnerability by sending malformed IPv4 packets that cause incorrect memory allocation, leading to device reload. This flaw may impact the availability of the IPS and requires timely updates to ensure device security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/54243

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 18, 2013
Vulnerability Reserved
May 6, 2013