Denial of Service Vulnerability in Cisco Firewall Services Module
CVE-2007-0965

Currently unrated

Key Information:

Vendor: Cisco
Status: Firewall Services Module
Vendor: CVE Published:; 16 February 2007

Summary

Certain versions of Cisco's Firewall Services Module (FWSM) 3.x experience a vulnerability that allows remote attackers to initiate a denial of service scenario. When the authentication methods 'aaa authentication match' or 'aaa authentication include' are utilized, an attacker can exploit this vulnerability by sending a lengthy HTTP request, thereby causing the device to reboot. This can lead to significant service interruptions and downtime, impacting network availability and security.

References

http://www.vupen.com/english/advisories/2007/0609

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/22561

vdb-entryx_refsource_BID

http://secunia.com/advisories/24172

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 16, 2007
Vulnerability Reserved
Feb 15, 2007