Denial of Service Vulnerability in Cisco PIX and ASA Security Appliances
CVE-2007-0962

Currently unrated

Key Information:

Vendor: Cisco
Status: Firewall Services Module
Vendor: CVE Published:; 16 February 2007

Summary

A vulnerability exists in Cisco PIX 500 and ASA 5500 Series Security Appliances that allows remote attackers to exploit malformed HTTP traffic. When HTTP inspection is enabled, this flaw can lead to a denial of service condition, causing the affected device to reboot unexpectedly. This impacts security appliances running specific software versions and highlights the importance of keeping hardware configurations and firmware up to date.

References

http://www.vupen.com/english/advisories/2007/0608

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/24180

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 16, 2007
Vulnerability Reserved
Feb 15, 2007