Published: 28/09/2009 Updated: 01/10/2009

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote malicious users to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 12.2xna
cisco ios 12.2xnb
cisco ios 12.4xf
cisco ios 12.4xj
cisco ios 12.4xz
cisco ios 12.4sw
cisco ios 12.4t
cisco ios 12.4xw
cisco ios 12.4xy
cisco ios 12.4md
cisco ios 12.4mr
cisco ios 12.4xr
cisco ios 12.4xv
cisco ios 12.2xnc
cisco ios 12.2xnd
cisco ios 12.4xk
cisco ios 12.4xq

Cisco IOS® Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet Cisco has released software updates that address this vulnerability This advisory is posted at toolsciscocom/security/center/content/CiscoSecurityAdvisory/cisco-sa- ...

NVD-CWE-noinfo http://tools.cisco.com/security/center/viewAlert.x?alertId=18892 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtml http://www.vupen.com/english/advisories/2009/2759 http://www.securitytracker.com/id?1022930 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tls

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2871

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect