Vulnerabilities > CVE-2003-1004 - Denial-Of-Service vulnerability in Cisco PIX Firewall and PIX Firewall Software

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 2004-01-05

Updated: 2018-10-30

Summary

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco PIX Firewall 6.2.2_.111	1
OS	Cisco Cisco PIX Firewall Software 6.2 Cisco PIX Firewall Software 6.2\(1\) Cisco PIX Firewall Software 6.2\(2\) Cisco PIX Firewall Software 6.2\(3\) Cisco PIX Firewall Software 6.2\(3.100\)	5

References

http://www.cisco.com/warp/public/707/cisco-sa-20031215-pix.shtml