ID CVE-2008-3798
Summary Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
References
Vulnerable Configurations
  • cpe:2.3:h:cisco:ios:12.4
    cpe:2.3:h:cisco:ios:12.4
  • cpe:2.3:h:cisco:ios:12.4mr
    cpe:2.3:h:cisco:ios:12.4mr
CVSS
Base: 7.8 (as of 29-09-2008 - 09:43)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
NASL family CISCO
NASL id CISCO-SA-20080924-SSLHTTP.NASL
description A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange. Cisco has released free software updates that address this vulnerability. Aside from disabling affected services, there are no available workarounds to mitigate an exploit of this vulnerability.
last seen 2019-02-21
modified 2018-11-15
plugin id 49026
published 2010-09-01
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=49026
title Vulnerability in Cisco IOS While Processing SSL Packet - Cisco Systems
oval via4
accepted 2012-01-30T04:00:59.267-05:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name KASHIF LATIF
    organization DTCC
  • name Shane Shaffer
    organization G2, Inc.
description Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
family ios
id oval:org.mitre.oval:def:6087
status accepted
submitted 2008-09-24T11:06:36.000-04:00
title Cisco IOS Processing SSL Packet Vulnerability
version 9
refmap via4
cisco 20080924 Vulnerability in Cisco IOS While Processing SSL Packet
sectrack 1020930
secunia 31990
vupen ADV-2008-2670
Last major update 29-10-2012 - 23:15
Published 26-09-2008 - 12:21
Last modified 28-09-2017 - 21:31
Back to Top