Details of VAR-200708-0166

ID

VAR-200708-0166

CVE

CVE-2007-4286

TITLE

CISCO IOS NHRP Remote Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 25238 // CNNVD: CNNVD-200708-168

DESCRIPTION

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. Cisco IOS is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the affected component. Attackers could also restart the device, resulting in denial-of-service conditions. Cisco IOS 12.0 through 12.4 are vulnerable. ---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. The vulnerability is caused due to a boundary error in the implementation of the Next Hop Resolution Protocol. This can be exploited to cause a buffer overflow by sending a specially crafted NHRP packet containing an invalid total length in the fixed header. Successful exploitation requires that support for the Next Hop Resolution Protocol is enabled. SOLUTION: Apply updated versions or vendor workarounds (please see the vendor advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Martin Kluge. CHANGELOG: 2007-08-09: Updated "Description" section with additional information. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2007-4286 // CERT/CC: VU#201984 // JVNDB: JVNDB-2007-000582 // BID: 25238 // VULHUB: VHN-27648 // PACKETSTORM: 58399

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.0	Trust: 2.7
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios 12.4xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ze	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.2xv	Trust: 0.3
vendor:	cisco	model:	ios 12.2xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2vz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2uz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2tpc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2su	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sga	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sbc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ewa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2eu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2da	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2by	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.1xx	Trust: 0.3
vendor:	cisco	model:	ios 12.1xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.1xv	Trust: 0.3
vendor:	cisco	model:	ios 12.1xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1gb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ga	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ez	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ec	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1dc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1da	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1cx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1aa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0st	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0dc	scope:	-	version:	-	Trust: 0.3

sources: CERT/CC: VU#201984 // BID: 25238 // JVNDB: JVNDB-2007-000582 // NVD: CVE-2007-4286 // CNNVD: CNNVD-200708-168

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2007-4286
value:	HIGH
Trust: 1.8
CARNEGIE MELLON:	VU#201984
value:	17.85
Trust: 0.8
CNNVD:	CNNVD-200708-168
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-27648
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2007-4286
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-27648
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#201984 // VULHUB: VHN-27648 // JVNDB: JVNDB-2007-000582 // NVD: CVE-2007-4286 // CNNVD: CNNVD-200708-168

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-27648 // JVNDB: JVNDB-2007-000582 // NVD: CVE-2007-4286

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-168

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200708-168

CONFIGURATIONS

sources: NVD: CVE-2007-4286

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-27648

PATCH

title:

cisco-sa-20070808-nhrp

url:

http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml

Trust: 0.8

sources: JVNDB: JVNDB-2007-000582

EXTERNAL IDS

db:	SECUNIA	id:	26360	Trust: 3.4
db:	CERT/CC	id:	VU#201984	Trust: 3.3
db:	BID	id:	25238	Trust: 2.8
db:	NVD	id:	CVE-2007-4286	Trust: 2.8
db:	SECTRACK	id:	1018535	Trust: 1.7
db:	VUPEN	id:	ADV-2007-2818	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-000582	Trust: 0.8
db:	CNNVD	id:	CNNVD-200708-168	Trust: 0.7
db:	BUGTRAQ	id:	20070809 CISCO NHRP DENIAL OF SERVICE (CISCO-SA-20070808-NHRP)	Trust: 0.6
db:	XF	id:	35889	Trust: 0.6
db:	CISCO	id:	20070808 CISCO IOS NEXT HOP RESOLUTION PROTOCOL VULNERABILITY	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:5675	Trust: 0.6
db:	EXPLOIT-DB	id:	4272	Trust: 0.1
db:	VULHUB	id:	VHN-27648	Trust: 0.1
db:	PACKETSTORM	id:	58399	Trust: 0.1

sources: CERT/CC: VU#201984 // VULHUB: VHN-27648 // BID: 25238 // JVNDB: JVNDB-2007-000582 // PACKETSTORM: 58399 // NVD: CVE-2007-4286 // CNNVD: CNNVD-200708-168

REFERENCES

url:	http://www.securityfocus.com/bid/25238	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/201984	Trust: 2.5
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a008089963b.shtml	Trust: 2.0
url:	http://secunia.com/advisories/26360/	Trust: 1.7
url:	http://www.securitytracker.com/id?1018535	Trust: 1.7
url:	http://secunia.com/advisories/26360	Trust: 1.7
url:	http://www.frsirt.com/english/advisories/2007/2818	Trust: 1.4
url:	http://www.securityfocus.com/archive/1/475931/100/0/threaded	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5675	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2007/2818	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/35889	Trust: 1.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml	Trust: 0.9
url:	http://www.cisco.com/en/us/products/ps6350/products_configuration_guide_chapter09186a0080435815.html	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4286	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4286	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/35889	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/475931/100/0/threaded	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5675	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3
url:	/archive/1/475931	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/50/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	https://psi.secunia.com/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/182/	Trust: 0.1

sources: CERT/CC: VU#201984 // VULHUB: VHN-27648 // BID: 25238 // JVNDB: JVNDB-2007-000582 // PACKETSTORM: 58399 // NVD: CVE-2007-4286 // CNNVD: CNNVD-200708-168

CREDITS

Martin Kluge

Trust: 0.6

sources: CNNVD: CNNVD-200708-168

SOURCES

db:	CERT/CC	id:	VU#201984
db:	VULHUB	id:	VHN-27648
db:	BID	id:	25238
db:	JVNDB	id:	JVNDB-2007-000582
db:	PACKETSTORM	id:	58399
db:	NVD	id:	CVE-2007-4286
db:	CNNVD	id:	CNNVD-200708-168

LAST UPDATE DATE

2023-12-18T13:58:19.542000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#201984	date:	2007-08-10T00:00:00
db:	VULHUB	id:	VHN-27648	date:	2018-10-15T00:00:00
db:	BID	id:	25238	date:	2015-05-07T17:36:00
db:	JVNDB	id:	JVNDB-2007-000582	date:	2007-08-21T00:00:00
db:	NVD	id:	CVE-2007-4286	date:	2018-10-15T21:34:18.213
db:	CNNVD	id:	CNNVD-200708-168	date:	2009-03-04T00:00:00

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#201984	date:	2007-08-09T00:00:00
db:	VULHUB	id:	VHN-27648	date:	2007-08-09T00:00:00
db:	BID	id:	25238	date:	2007-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2007-000582	date:	2007-08-21T00:00:00
db:	PACKETSTORM	id:	58399	date:	2007-08-10T02:01:07
db:	NVD	id:	CVE-2007-4286	date:	2007-08-09T21:17:00
db:	CNNVD	id:	CNNVD-200708-168	date:	2007-08-09T00:00:00