Vulnerabilities > CVE-2007-0964 - Products Multiple Remote Denial Of Service vulnerability in Cisco Firewall Services Module 3.1

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

high complexity

cisco

NVD

Published: 2007-02-16

Updated: 2011-03-08

Summary

Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request.

Vulnerable Configurations

Part	Description	Count
Hardware	Cisco Cisco Firewall Services Module 3.1	1

References

http://secunia.com/advisories/24172
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
http://www.securityfocus.com/bid/22561
http://www.vupen.com/english/advisories/2007/0609