CVE-2008-3805
Cisco Security Advisory 20080924-ipc
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
Cisco IOS v12.0 a la v12.4 sobre Cisco 10000, uBR10012 y uBR7200 maneja los paquetes externos UDP que son enviados a las direcciones 127.0.0.0/8 intencionadamente para la comunicación IPC en el propio dispositivo, esto permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo o de "linecard") a través de paquetes UDP manipulados. Vulnerabilidad distinta de CVE-2008-3806.
Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-08-27 CVE Reserved
- 2008-09-24 CVE Published
- 2024-08-07 CVE Updated
- 2025-06-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/31990 | Third Party Advisory | |
| http://www.securitytracker.com/id?1020935 | Broken Link | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5910 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2b Search vendor "Cisco" for product "Ios" and version "12.2b" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2ca Search vendor "Cisco" for product "Ios" and version "12.2ca" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2l Search vendor "Cisco" for product "Ios" and version "12.2l" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2rc Search vendor "Cisco" for product "Ios" and version "12.2rc" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2s Search vendor "Cisco" for product "Ios" and version "12.2s" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2t Search vendor "Cisco" for product "Ios" and version "12.2t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2zx Search vendor "Cisco" for product "Ios" and version "12.2zx" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.3bc Search vendor "Cisco" for product "Ios" and version "12.3bc" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.3t Search vendor "Cisco" for product "Ios" and version "12.3t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.3xi Search vendor "Cisco" for product "Ios" and version "12.3xi" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.4 Search vendor "Cisco" for product "Ios" and version "12.4" | - |
Affected
| ||||||