The web administration interface of Cisco Intrusion Prevention System and Intrusion Detection System devices fails to properly handle certain Secure Socket Layer packets. This vulnerability may cause a denial of service.
According to Cisco Security Advisory cisco-sa-20060920-ips:
It is possible to send a malformed SSLv2 Client Hello packet to the IPS/IDS web administration interface, which may cause the process (mainApp) responsible for managing remote access to fail. This results in an IPS/IDS device becoming unresponsive to all future remote management requests through the web administration interface or the command-line interface (CLI) via SSH and the console.
A remote, unauthenticated attacker could cause the administrative interface of an affected device to become unavailable, leading to various secondary denial of service impacts.
Apply Access Control List
This issue was reported in Cisco Security Advisory cisco-sa-20060920-ips.
This document was written by Chris Taschner.
|Date First Published:||2006-09-22|
|Date Last Updated:||2006-09-26 16:03 UTC|