CVE-2009-0629Cisco IOS vulnerability

CWE-3994 documents4 sources
Severity
5.4MEDIUMNVD
EPSS
0.9%
top 23.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS XR
Timeline
PublishedMar 27
Latest updateMay 2

Description

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) vi

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages2 packages

NVDcisco/ios186 versions+185
NVDcisco/ios_xr12.4

🔴Vulnerability Details

2
GHSA
GHSA-x6xf-5q35-j8vr: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Archi2022-05-02
CVEList
CVE-2009-0629: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Archi2009-03-27

📋Vendor Advisories

1
Cisco
Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability2009-03-25
CVE-2009-0629 — Cisco IOS vulnerability | cvebase