FKIE_CVE-2008-2739

Vulnerability from fkie_nvd - Published: 2008-09-26 16:21 - Updated: 2026-06-16 22:54
Severity
Summary
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
Impacted products
Vendor Product Version
cisco ios 12.3t
cisco ios 12.3xl
cisco ios 12.3xq
cisco ios 12.3xr
cisco ios 12.3xs
cisco ios 12.3xx
cisco ios 12.3ya
cisco ios 12.3yd
cisco ios 12.3yg
cisco ios 12.3yh
cisco ios 12.3yi
cisco ios 12.3yk
cisco ios 12.3ys
cisco ios 12.3yt
cisco ios 12.3za
cisco ios 12.4xa
cisco ios 12.4xc
cisco ios 12.4xe
cisco ios 12.4xf
cisco ios 12.4xj
cisco ios 12.4xk
cisco ios 12.4xt
cisco ios 12.4xv

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "psirt@cisco.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C3B413-76F7-413B-A51F-29834F9DE722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xl:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FC4904-1F4D-4E10-AF95-911B07827598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xq:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B9E611-3F06-424C-96EF-EE4997C70AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xr:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0A5760A-9FFE-4941-B2BD-7DD54B1E1B37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xs:*:*:*:*:*:*:*",
              "matchCriteriaId": "98FE195E-084B-4F4C-800D-850165DED48C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3xx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1976E53-85A6-494F-B8AC-847E7988850C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3ya:*:*:*:*:*:*:*",
              "matchCriteriaId": "320C5597-68BE-4899-9EBB-9B4DEE8EA7DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yd:*:*:*:*:*:*:*",
              "matchCriteriaId": "520304A4-EB15-42A8-A402-8251A4D2076D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yg:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA88C064-898F-4C0D-A266-D7B3509C28A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yh:*:*:*:*:*:*:*",
              "matchCriteriaId": "139B1182-61A3-4F3D-9E29-758F27917646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yi:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC3706F-B00A-405E-917E-7FD5217E0501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yk:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF4D0E3-8015-4D6F-8364-B6EEAAE67971",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3ys:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF9D6B6-E51F-44FF-97E5-15E0C4E9C3D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3yt:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25C42FA-37F4-4B7F-AFCA-D7F081F58CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3za:*:*:*:*:*:*:*",
              "matchCriteriaId": "3870C62F-D086-419C-A0E6-815E9ED5DE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xa:*:*:*:*:*:*:*",
              "matchCriteriaId": "99235FFB-4439-40B2-ADBD-B08E5DBBCCB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xc:*:*:*:*:*:*:*",
              "matchCriteriaId": "544BD924-2CBD-4130-BBD3-5AD084C85FE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xe:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F36C3D-E9A2-41A1-BE71-4D8B00D228E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xf:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1CD80F-E898-41CE-8A86-28C2F48B928A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xj:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF610051-1638-4C1B-9864-11E34EFC4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xk:*:*:*:*:*:*:*",
              "matchCriteriaId": "78260223-50C0-48F8-9A65-AE67489E602C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xt:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFED1FFB-899D-4A48-9CCA-0B8737AE1408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xv:*:*:*:*:*:*:*",
              "matchCriteriaId": "883FA166-2973-42BA-842D-28FBDBFEAC4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447."
    },
    {
      "lang": "es",
      "value": "El motor de firma SERVICE.DNS en  Intrusion Prevention System  (IPS) en Cisco IOS v12.3 y v12.4, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o cuelgue de dispositivo) a trav\u00e9s de tr\u00e1fico de red que lanza un firma IPS sin especificar. Vulnerabilidad distinta de CVE-2008-1447."
    }
  ],
  "id": "CVE-2008-2739",
  "lastModified": "2026-06-16T22:54:20.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-26T16:21:43.957",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6058"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…