Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when inspect http is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firewall_services_module | Cisco | 2.3 (including) | 2.3 (including) |
| Firewall_services_module | Cisco | 3.1 (including) | 3.1 (including) |
References
- http://osvdb.org/33055
- http://secunia.com/advisories/24160
- http://secunia.com/advisories/24180
- http://securitytracker.com/id?1017651
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
- http://www.securityfocus.com/bid/22561
- http://www.securityfocus.com/bid/22562
- http://www.securitytracker.com/id?1017652
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32486
- http://osvdb.org/33055
- http://secunia.com/advisories/24160
- http://secunia.com/advisories/24180
- http://securitytracker.com/id?1017651
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
- http://www.securityfocus.com/bid/22561
- http://www.securityfocus.com/bid/22562
- http://www.securitytracker.com/id?1017652
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32486