CVE-2009-0629

medium

Description

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets.

References

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml

http://www.vupen.com/english/advisories/2009/0851

http://secunia.com/advisories/34438

http://securitytracker.com/id?1021903

http://www.securityfocus.com/bid/34238

https://exchange.xforce.ibmcloud.com/vulnerabilities/49420

Details

Source: MITRE

Published: 2009-03-27

Updated: 2021-08-25

Risk Information

CVSS v2

Base Score: 5.4

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 4.9

Severity: MEDIUM