Vulnerability CVE-2009-0629


Published: 2009-03-27   Modified: 2012-02-13

Description:
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets.

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.4/10
6.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> IOS 
Cisco -> Ios s 
Cisco -> Ios t 
Cisco -> Ios xr 

 References:
http://securitytracker.com/id?1021903
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml
http://www.securityfocus.com/bid/34238
http://www.vupen.com/english/advisories/2009/0851
https://exchange.xforce.ibmcloud.com/vulnerabilities/49420

Copyright 2024, cxsecurity.com

 

Back to Top