Denial of Service Vulnerability in Cisco IOS SSL Support
CVE-2007-2813

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Transmission Control Protocol
Vendor: CVE Published:; 22 May 2007

Summary

Cisco IOS versions 12.4 and earlier, when SSL support is enabled alongside crypto packages, are susceptible to a denial of service attack. This vulnerability allows remote attackers to disrupt SSL sessions by sending malformed ClientHello, ChangeCipherSpec, or Finished messages. Exploitation of this vulnerability can lead to significant service interruptions, impacting the integrity and availability of the network.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34442

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1018094

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/34436

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 22, 2007
Vulnerability Reserved
May 22, 2007