Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2733

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2008-2733
Last Modified 29 Oct 2012 11:12:36
Published 04 Sep 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2733

Summary

Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.

Vulnerable Systems


References

SECTRACK - 1020811

SECTRACK - 1020810

CISCO - 20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

XF - cisco-pix-asa-ipsecclientauth-dos(44867)

BID - 30998

CISCO - 20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

SECUNIA - 31730


Last Updated: 27 May 2016 11:01:18