Vulnerability Description
Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Firewall Services Module | 3.1 |
References
- http://secunia.com/advisories/24172Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.sPatchVendor Advisory
- http://www.securityfocus.com/bid/22561
- http://www.vupen.com/english/advisories/2007/0609
- http://secunia.com/advisories/24172Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.sPatchVendor Advisory
- http://www.securityfocus.com/bid/22561
- http://www.vupen.com/english/advisories/2007/0609
FAQ
What is CVE-2007-0965?
CVE-2007-0965 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot...
How severe is CVE-2007-0965?
CVE-2007-0965 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0965?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firewall Services Module.