A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to errors in the processing of IKEv1 Phase 1 protocol exchange messages. This can be exploited to cause a DoS via specially crafted IKE packets.
The vulnerability has been reported in the following products.
* Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T
* Cisco PIX Firewall versions up to but not including 6.3(5)
* Cisco PIX Firewall/ASA versions up to but not including 18.104.22.168
* Cisco Firewall Services Module (FWSM) versions up to but not including 2.3(3)
* Cisco VPN 3000 Series Concentrators versions up to but not including 4.1(7)H and 4.7(2)B
* Cisco MDS Series SanOS versions up to but not including 2.1(2)
Note: For Cisco IOS, only images that contain the Crypto Feature Set are vulnerable.
Solution: See patch matrix in vendor advisory for information about fixes.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Cisco ISAKMP IKE Message Processing Denial of Service
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.