Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0628

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2009-0628
Last Modified 18 Jul 2011 10:25:36
Published 27 Mar 2009 12:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0628

Summary

Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.

Vulnerable Systems

Operating System

  • Cisco Ios 12.3

  • Cisco Ios 12.4


References

XF - ios-sslvpn-tcbleak-dos(49427)

VUPEN - ADV-2009-0851

BID - 34239

CONFIRM - http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml

CISCO - 20090325 Cisco IOS Software WebVPN and SSLVPN Vulnerabilities

SECTRACK - 1021896

SECUNIA - 34438


Last Updated: 27 May 2016 10:50:19