Vulnerability Note VU#642076
Cisco Intrusion Prevention System administration interface fails to properly handle Secure Socket Layer packets
The web administration interface of Cisco Intrusion Prevention System and Intrusion Detection System devices fails to properly handle certain Secure Socket Layer packets. This vulnerability may cause a denial of service.
According to Cisco Security Advisory cisco-sa-20060920-ips:
It is possible to send a malformed SSLv2 Client Hello packet to the IPS/IDS web administration interface, which may cause the process (mainApp) responsible for managing remote access to fail. This results in an IPS/IDS device becoming unresponsive to all future remote management requests through the web administration interface or the command-line interface (CLI) via SSH and the console.
A remote, unauthenticated attacker could cause the administrative interface of an affected device to become unavailable, leading to various secondary denial of service impacts.
Apply Access Control List
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems, Inc.||Affected||-||20 Sep 2006|
CVSS Metrics (Learn More)
This issue was reported in Cisco Security Advisory cisco-sa-20060920-ips.
This document was written by Chris Taschner.
- CVE IDs: CVE-2006-4910
- Date Public: 20 Sep 2006
- Date First Published: 22 Sep 2006
- Date Last Updated: 26 Sep 2006
- Severity Metric: 3.66
- Document Revision: 20
If you have feedback, comments, or additional information about this vulnerability, please send us email.