Executive Summary
| Summary | |
|---|---|
| Title | Cisco Intrusion Prevention System Jumbo Frame Denial of Service |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20080618-ips | First vendor Publication | 2008-05-15 |
| Vendor | Cisco | Last vendor Modification | 2008-06-18 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 7.8 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation. Platforms deployed in promiscuous mode only or that do not contain gigabit network interfaces are not vulnerable. Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability. |
Original Source
| Url : http://www.cisco.com/en/US/products/products_security_advisory09186a00809b (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-16 | Configuration |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 46466 | Cisco Intrusion Prevention System Jumbo Ethernet Frames Remote DoS |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2008-07-10 | IAVM : 2008-T-0030 - Cisco Intrusion Prevention System Jumbo Frame Denial of Service Severity : Category I - VMSKEY : V0016156 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-08-14 | Name : The remote security appliance is missing a vendor-supplied patch. File : cisco-sa-20080618-ips.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 10:21:53 |
|
| 2013-11-11 12:37:27 |
|
