CVE-2012-3923 Information

Description

The SSLVPN implementation in Cisco IOS 12.4 15.0 15.1 and 15.2 when DTLS is not enabled does not properly handle certain outbound ACL configurations which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface aka Bug ID CSCte41827.

Reference

http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/78670