Vulnerabilities > CVE-2009-2871 - Unspecified vulnerability in Cisco IOS
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
nessus
Summary
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 17 |
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20090923-TLSHTTP.NASL |
| description | Cisco IOS Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet. Cisco has released free software updates that address this vulnerability. |
| last seen | 2019-10-28 |
| modified | 2010-09-01 |
| plugin id | 49047 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/49047 |
| title | Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability - Cisco Systems |
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18892
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18892
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtml
- http://www.securitytracker.com/id?1022930
- http://www.securitytracker.com/id?1022930
- http://www.vupen.com/english/advisories/2009/2759
- http://www.vupen.com/english/advisories/2009/2759