CVE-2009-2871
published 2009-09-28CVE-2009-2871: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause…
high7.8CVSS 3.1
AVNACLAuNCNINAC
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
Cisco
Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
vendor_cisco·2009-09-23·CVSS 7.8
CVE-2009-2871 [HIGH] CWE-399 Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
Cisco IOS® Software contains a vulnerability
that could allow an attacker to cause a Cisco IOS device to reload by remotely
sending a crafted encryption packet.
Cisco has released software updates that address this vulnerability.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tls.
Note: The September 23, 2009, Cisco IOS Security Advisory bundled
publication includes eleven Security Advisories. Ten of the advisories address
vulnerabilities in Cisco IOS Software, and one advisory addresses a
vulnerability in Cisco Unified Communications Manager. Each advisory lists the
releases that correct the vulnerability or vulnerabilities detailed i
Cisco
Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
vendor_cisco
CVE-2009-2871 Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
CVE-2009-2871: Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
Cisco IOS � Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet. Cisco has released software updates that address this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-tls . Note: The September 23, 2009, Cisco IOS Security Advisory bundled publication includes eleven Security Advisories. Ten of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabiliti
GHSA
GHSA-w8mc-2j77-9pfm: Unspecified vulnerability in Cisco IOS 12
ghsa_unreviewed·2022-05-02
CVE-2009-2871 [HIGH] GHSA-w8mc-2j77-9pfm: Unspecified vulnerability in Cisco IOS 12
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://tools.cisco.com/security/center/viewAlert.x?alertId=18892http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtmlhttp://www.securitytracker.com/id?1022930http://www.vupen.com/english/advisories/2009/2759http://tools.cisco.com/security/center/viewAlert.x?alertId=18892http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811c.shtmlhttp://www.securitytracker.com/id?1022930http://www.vupen.com/english/advisories/2009/2759
2009-09-28
Published