This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Cisco IOS Software contains a vulnerability when the Cisco IOS SSL VPN
feature is configured with an HTTP redirect. Exploitation could allow
a remote, unauthenticated user to cause a memory leak on the affected
devices, that could result in a memory exhaustion condition that may
cause device reloads, the inability to service new TCP connections,
and other denial of service (DoS) conditions. Cisco has released free
software updates that address this vulnerability. There is a
workaround to mitigate this vulnerability.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true