Denial of Service Vulnerability in Cisco PIX Firewall 6.2.x

CVE-2003-1004

Summary

A vulnerability exists in Cisco's PIX Firewall software versions 6.2.0 through 6.2.3 when configured as a VPN Client. This issue can be exploited by remote attackers who send a specific Internet Key Exchange (IKE) Phase I negotiation request to the outside interface of the firewall. Successful exploitation can lead to a denial of service, resulting in dropped IPSec tunnel connections, which can disrupt secure communication channels.

References