7.1

CVE-2009-0635

Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Version12.4t
CiscoIos Version12.4xz
CiscoIos Version12.4ya
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.51% 0.827
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
Patch
Vendor Advisory
http://secunia.com/advisories/34438
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0851
Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90459.shtml
Patch
Vendor Advisory
http://www.securityfocus.com/bid/34246
http://www.securitytracker.com/id?1021895
https://exchange.xforce.ibmcloud.com/vulnerabilities/49417