Cisco PIX 6.3 and 7.0 allows remote malicious users to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco pix 6.3 |
||
cisco pix 7.0 |