Published: 28/09/2009 Updated: 01/10/2009
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote malicious users to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.

Vendor Advisories

Cisco IOS® Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet Cisco has released software updates that address this vulnerability This advisory is posted at toolsciscocom/security/center/content/CiscoSecurityAdvisory/cisco-sa- ...