CVE-2007-2813 Information

Description

Cisco IOS 12.4 and earlier when using the crypto packages and SSL support is enabled allows remote attackers to cause a denial of service via a malformed (1) ClientHello (2) ChangeCipherSpec or (3) Finished message during an SSL session.

Reference

http://secunia.com/advisories/25361 http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml http://www.osvdb.org/35339 http://www.securityfocus.com/bid/24097 http://www.securitytracker.com/id?1018094 http://www.vupen.com/english/advisories/2007/1910 https://exchange.xforce.ibmcloud.com/vulnerabilities/34432 https://exchange.xforce.ibmcloud.com/vulnerabilities/34436 https://exchange.xforce.ibmcloud.com/vulnerabilities/34442 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5745