The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | 12.3t (including) | 12.3t (including) |
| Ios | Cisco | 12.3xq (including) | 12.3xq (including) |
| Ios | Cisco | 12.3xr (including) | 12.3xr (including) |
| Ios | Cisco | 12.3xs (including) | 12.3xs (including) |
| Ios | Cisco | 12.3xw (including) | 12.3xw (including) |
| Ios | Cisco | 12.3xx (including) | 12.3xx (including) |
| Ios | Cisco | 12.3xy (including) | 12.3xy (including) |
| Ios | Cisco | 12.3ya (including) | 12.3ya (including) |
| Ios | Cisco | 12.3yd (including) | 12.3yd (including) |
| Ios | Cisco | 12.3yg (including) | 12.3yg (including) |
| Ios | Cisco | 12.3yh (including) | 12.3yh (including) |
| Ios | Cisco | 12.3yi (including) | 12.3yi (including) |
| Ios | Cisco | 12.3yj (including) | 12.3yj (including) |
| Ios | Cisco | 12.3yk (including) | 12.3yk (including) |
| Ios | Cisco | 12.3ym (including) | 12.3ym (including) |
| Ios | Cisco | 12.3yq (including) | 12.3yq (including) |
| Ios | Cisco | 12.3ys (including) | 12.3ys (including) |
| Ios | Cisco | 12.3yt (including) | 12.3yt (including) |
| Ios | Cisco | 12.3yx (including) | 12.3yx (including) |
| Ios | Cisco | 12.3yz (including) | 12.3yz (including) |
| Ios | Cisco | 12.4 (including) | 12.4 (including) |
| Ios | Cisco | 12.4mr (including) | 12.4mr (including) |
| Ios | Cisco | 12.4t (including) | 12.4t (including) |
| Ios | Cisco | 12.4xa (including) | 12.4xa (including) |
| Ios | Cisco | 12.4xb (including) | 12.4xb (including) |