Sign-up

ID

VAR-200708-0165


CVE

CVE-2007-4285


TITLE

Cisco IOS In IPv6 Packet vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-000581

DESCRIPTION

Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. IOS is prone to a denial-of-service vulnerability. An unspecified vulnerability exists in Cisco IOS and Cisco IOS XR Releases 12.x through 12.3 and other releases prior to 12.3(15) and 12.3(14)T. ---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. The vulnerability is caused due to an error when processing IPv6 packets with a Type 0 routing header. Successful exploitation requires that the device is configured to use IPv6. The following products are reportedly not affected: * Cisco PIX and ASA Appliances * Cisco Firewall Services Module (FWSM) * Cisco MDS SOLUTION: Apply updated versions. See vendor advisory for more details. Filter packets that contain Type 0 routing headers. See Workarounds section in vendor advisory. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor, who also credits Tom Cross, IBM ISS X-Force. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-IPv6-leak.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4285 // JVNDB: JVNDB-2007-000581 // BID: 85487 // VULHUB: VHN-27647 // PACKETSTORM: 58396

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:12.3

Trust: 2.7

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 2.7

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 2.7

vendor:ciscomodel:iosscope:eqversion:12.0

Trust: 2.7

sources: BID: 85487 // JVNDB: JVNDB-2007-000581 // CNNVD: CNNVD-200708-155 // NVD: CVE-2007-4285

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4285
value: HIGH

Trust: 1.0

NVD: CVE-2007-4285
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200708-155
value: CRITICAL

Trust: 0.6

VULHUB: VHN-27647
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-4285
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2007-4285
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-27647
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-27647 // JVNDB: JVNDB-2007-000581 // CNNVD: CNNVD-200708-155 // NVD: CVE-2007-4285

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2007-4285

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-155

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200708-155

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-000581

PATCH
title:cisco-sa-20070808-IOS-IPv6-leakurl:http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-IPv6-leak.shtml
Trust: 0.8
title:countermeasures-for-ipv6-type0-rhurl:http://www.cisco.com/web/about/security/intelligence/countermeasures-for-ipv6-type0-rh.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-000581

EXTERNAL IDS
db:NVDid:CVE-2007-4285
Trust: 2.8
db:SECTRACKid:1018542
Trust: 2.8
db:SECUNIAid:26359
Trust: 2.6
db:VUPENid:ADV-2007-2819
Trust: 1.7
db:XFid:35906
Trust: 0.9
db:JVNDBid:JVNDB-2007-000581
Trust: 0.8
db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:5840
Trust: 0.6
db:XFid:6
Trust: 0.6
db:CISCOid:20070808 CISCO IOS INFORMATION LEAKAGE USING IPV6 ROUTING HEADER
Trust: 0.6
db:CNNVDid:CNNVD-200708-155
Trust: 0.6
db:BIDid:85487
Trust: 0.4
db:VULHUBid:VHN-27647
Trust: 0.1
db:PACKETSTORMid:58396
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27647 // 
            
            
            
            BID: 85487 // 
            
            
            
            JVNDB: JVNDB-2007-000581 // 
            
            
            
            PACKETSTORM: 58396 // 
            
            
            
            CNNVD: CNNVD-200708-155 // 
            
            
            
            NVD: CVE-2007-4285

REFERENCES
url:http://www.securitytracker.com/id?1018542
Trust: 2.8
url:http://www.cisco.com/en/us/products/products_security_advisory09186a0080899647.shtml
Trust: 2.0
url:http://secunia.com/advisories/26359
Trust: 1.7
url:http://www.frsirt.com/english/advisories/2007/2819
Trust: 1.4
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5840
Trust: 1.1
url:http://www.vupen.com/english/advisories/2007/2819
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35906
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/35906
Trust: 0.9
url:http://secunia.com/advisories/26359/
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4285
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4285
Trust: 0.8
url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5840
Trust: 0.6
url:http://www.cisco.com/warp/public/707/cisco-sa-20070808-ios-ipv6-leak.shtml
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/50/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:https://psi.secunia.com/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/product/4907/
Trust: 0.1
url:http://secunia.com/product/182/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27647 // 
            
            
            
            BID: 85487 // 
            
            
            
            JVNDB: JVNDB-2007-000581 // 
            
            
            
            PACKETSTORM: 58396 // 
            
            
            
            CNNVD: CNNVD-200708-155 // 
            
            
            
            NVD: CVE-2007-4285

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85487

SOURCES
db:VULHUBid:VHN-27647
db:BIDid:85487
db:JVNDBid:JVNDB-2007-000581
db:PACKETSTORMid:58396
db:CNNVDid:CNNVD-200708-155
db:NVDid:CVE-2007-4285

LAST UPDATE DATE
2025-04-10T21:52:51.475000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-27647date:2017-09-29T00:00:00
db:BIDid:85487date:2007-08-09T00:00:00
db:JVNDBid:JVNDB-2007-000581date:2007-08-21T00:00:00
db:CNNVDid:CNNVD-200708-155date:2009-03-04T00:00:00
db:NVDid:CVE-2007-4285date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-27647date:2007-08-09T00:00:00
db:BIDid:85487date:2007-08-09T00:00:00
db:JVNDBid:JVNDB-2007-000581date:2007-08-21T00:00:00
db:PACKETSTORMid:58396date:2007-08-10T02:01:07
db:CNNVDid:CNNVD-200708-155date:2007-08-09T00:00:00
db:NVDid:CVE-2007-4285date:2007-08-09T21:17:00