ID CVE-2004-0710
Summary IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
References
Vulnerable Configurations
  • Cisco IOS 12.2 (14)SY
    cpe:2.3:o:cisco:ios:12.2%2814%29sy
  • Cisco IOS 12.2 (14)ZA
    cpe:2.3:o:cisco:ios:12.2%2814%29za
  • Cisco IOS 12.2 (14)ZA2
    cpe:2.3:o:cisco:ios:12.2%2814%29za2
  • Cisco IOS 12.2 (17a)SXA
    cpe:2.3:o:cisco:ios:12.2%2817a%29sxa
  • Cisco IOS 12.2SXA
    cpe:2.3:o:cisco:ios:12.2sxa
  • Cisco IOS 12.2SXB
    cpe:2.3:o:cisco:ios:12.2sxb
  • Cisco IOS 12.2SY
    cpe:2.3:o:cisco:ios:12.2sy
  • Cisco IOS 12.2ZA
    cpe:2.3:o:cisco:ios:12.2za
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family CISCO
NASL id CSCED30113.NASL
description The remote router contains a version of IOS which has multiple flaws when dealing with malformed IKE packets. CISCO identifies this vulnerability as bug id CSCed30113 An attacker may use this flaw to render this router inoperable
last seen 2019-02-21
modified 2018-06-27
plugin id 12199
published 2004-04-08
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=12199
title Cisco IPSec VPNSM IKE Packet DoS (CSCed30113)
oval via4
accepted 2008-09-08T04:00:37.350-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
family ios
id oval:org.mitre.oval:def:5696
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco Systems IPSec VPN Services Module Malformed IKE Packet Vulnerability
version 3
refmap via4
bid 10083
cert-vn VU#904310
cisco 20040408 Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability
xf cisco-vpnsm-ike-dos(15797)
Last major update 04-03-2009 - 00:22
Published 27-07-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top