Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Published: 2009-03-27
Updated: 2017-08-17
Summary
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets. Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml Obtaining Fixed Software Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html , or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml .
Vulnerable Configurations
| Part | Description | Count |
| OS | Cisco | 3 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20090325-CTCPHTTP.NASL |
| description | A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are available; however, the IPSec NAT traversal (NAT-T) feature can be used as an alternative. |
| last seen | 2020-03-17 |
| modified | 2010-09-01 |
| plugin id | 49029 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/49029 |
| title | Cisco IOS cTCP Denial of Service Vulnerability - Cisco Systems |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 34246 CVE(CAN) ID: CVE-2009-0635 Cisco IOS是思科网络设备所使用的互联网操作系统。 在配置为Easy VPN服务器的Cisco IOS设备上,如果启用了Cisco隧道控制协议(cTCP)封装功能,则一系列TCP报文可能导致设备耗尽内存。 Cisco IOS 12.4 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20090325-ctcp)以及相应补丁: cisco-sa-20090325-ctcp:Cisco IOS cTCP Denial of Service Vulnerability 链接:<a href=http://www.cisco.com/warp/public/707/cisco-sa-20090325-ctcp.shtml target=_blank rel=external nofollow>http://www.cisco.com/warp/public/707/cisco-sa-20090325-ctcp.shtml</a> |
| id | SSV:4964 |
| last seen | 2017-11-19 |
| modified | 2009-03-28 |
| published | 2009-03-28 |
| reporter | Root |
| title | Cisco IOS cTCP协议远程拒绝服务漏洞 |