CVE-2009-0626
Published 2009-03-27
CVE-2009-0626: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
High 7.8 (CVSS 3.1)
AV:N/AC:L/Au:N/C:N/I:N/A:C
Affected
78 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
Cisco
Cisco IOS Software WebVPN and SSLVPN Vulnerabilities
vendor_cisco · 2009-03-25 · CVSS 7.8
CVE-2009-0626 [HIGH] CWE-399 Cisco IOS Software WebVPN and SSLVPN Vulnerabilities
Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. Both vulnerabilities affect both Cisco IOS WebVPN and Cisco IOS SSLVPN features:
- Crafted HTTPS packet will crash device.
- SSLVPN sessions cause a memory leak in the device.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
This advisory is posted at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090325-webvpn.
Note: The March 25, 2009, Cisco IOS Security Advisory bundled publication
CWE: CWE-399
Bug IDs: CSCsl30548, CSCsx15333, CSCsx28406
GHSA
GHSA-mh9q-4hwx-prrv: The SSLVPN feature in Cisco IOS 12
ghsa_unreviewed · 2022-05-02
CVE-2009-0626 [HIGH] GHSA-mh9q-4hwx-prrv: The SSLVPN feature in Cisco IOS 12
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/34438
http://securitytracker.com/id?1021896
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90424.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
http://www.securityfocus.com/bid/34239
http://www.vupen.com/english/advisories/2009/0851
https://exchange.xforce.ibmcloud.com/vulnerabilities/49425
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6919
Published: 2009-03-27