Vulnerability CVE-2008-2057
Published: 2008-06-04   Modified: 2012-02-12

Description:
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.4/10
6.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance 
Cisco -> Pix security appliance 
Cisco -> Adaptive security appliance software 

 References:
http://securitytracker.com/id?1020180
http://securitytracker.com/id?1020181
http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml
http://www.vupen.com/english/advisories/2008/1750/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42837
Copyright 2024, cxsecurity.com

 

Back to Top