Vulnerability Description
Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Firewall Services Module | 3.1 |
References
- http://secunia.com/advisories/24172Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.sPatchVendor Advisory
- http://www.securityfocus.com/bid/22561
- http://www.vupen.com/english/advisories/2007/0609
- http://secunia.com/advisories/24172Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.sPatchVendor Advisory
- http://www.securityfocus.com/bid/22561
- http://www.vupen.com/english/advisories/2007/0609
FAQ
What is CVE-2007-0964?
CVE-2007-0964 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboo...
How severe is CVE-2007-0964?
CVE-2007-0964 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0964?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firewall Services Module.