Race Condition in Cisco Adaptive Security Appliance and PIX Products
CVE-2007-2464

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix; Adaptive Security Appliance Software
Vendor: CVE Published:; 2 May 2007

Summary

A race condition vulnerability exists in the Cisco Adaptive Security Appliance (ASA) and PIX devices, which can be exploited when 'clientless SSL VPNs' are used. This issue allows remote attackers to trigger a denial of service by initiating non-standard SSL sessions, leading to device reloading. It's critical for users of affected versions to update their devices to prevent potential disruptions in service.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/34023

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2007/1636

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
May 2, 2007
Vulnerability Reserved
May 2, 2007