Denial of Service Vulnerability in Cisco Wide Area Application Services
CVE-2007-3923

Currently unrated

Key Information:

Vendor: Cisco
Status: Wide Area Application Services
Vendor: CVE Published:; 21 July 2007

Summary

The Cisco Wide Area Application Services (WAAS) software, specifically versions 4.0.7 and 4.0.9, contains a vulnerability in its Common Internet File System (CIFS) optimization feature. When Edge Services are configured, this flaw allows remote attackers to exploit the system by flooding it with TCP SYN packets directed at ports 139 and 445. This can lead to a denial of service, effectively rendering network services inaccessible and causing significant disruption to operations.

References

http://www.cisco.com/warp/public/707/cisco-sa-20070718-wa...

vendor-advisoryx_refsource_CISCO

http://www.vupen.com/english/advisories/2007/2572

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/24956

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 21, 2007
Vulnerability Reserved
Jul 20, 2007