CVE-2008-0028 — HIGH (7.1) — White Hats Nepal

Q: How severe is CVE-2008-0028?

CVE-2008-0028 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-0028?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Pix Firewall Software, Cisco 5500 Series Adaptive Security Appliance, Cisco Pix 500.

Vulnerability Description

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Adaptive Security Appliance Software	< 7.2\(3\)6
Cisco	Pix Firewall Software	< 7.2\(3\)6
Cisco	5500 Series Adaptive Security Appliance	-
Cisco	Pix 500	-

References

http://secunia.com/advisories/28625Third Party Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20080123-asa.shtmlVendor Advisory
http://www.securityfocus.com/bid/27418Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1019262Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1019263Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2008/0259Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39862Third Party AdvisoryVDB Entry
http://secunia.com/advisories/28625Third Party Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20080123-asa.shtmlVendor Advisory
http://www.securityfocus.com/bid/27418Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1019262Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1019263Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2008/0259Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39862Third Party AdvisoryVDB Entry

FAQ

What is CVE-2008-0028?

CVE-2008-0028 is a vulnerability with a CVSS score of 7.1 (HIGH). Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabl...

How severe is CVE-2008-0028?

CVE-2008-0028 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0028?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Pix Firewall Software, Cisco 5500 Series Adaptive Security Appliance, Cisco Pix 500.