CVE-2009-0635

Sažetak

Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.

Reference

http://secunia.com/advisories/34438
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90459.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
http://www.securityfocus.com/bid/34246
http://www.securitytracker.com/id?1021895
http://www.vupen.com/english/advisories/2009/0851
https://exchange.xforce.ibmcloud.com/vulnerabilities/49417

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

17-08-2017 - 01:29

Objavljeno

27-03-2009 - 16:30