CVE-2009-0626
First published: Fri Mar 27 2009(Updated: )
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Puppet Cisco IOS | =12.3ym | |
| Puppet Cisco IOS | =12.3yq | |
| Puppet Cisco IOS | =12.4t | |
| Puppet Cisco IOS | =12.3bc | |
| Puppet Cisco IOS | =12.3ya | |
| Puppet Cisco IOS | =12.4xq | |
| Puppet Cisco IOS | =12.3xs | |
| Puppet Cisco IOS | =12.3xg | |
| Puppet Cisco IOS | =12.4xj | |
| Puppet Cisco IOS | =12.3bw | |
| Puppet Cisco IOS | =12.3xd | |
| Puppet Cisco IOS | =12.4xl | |
| Puppet Cisco IOS | =12.4xm | |
| Puppet Cisco IOS | =12.3xw | |
| Puppet Cisco IOS | =12.4mr | |
| Puppet Cisco IOS | =12.4xt | |
| Puppet Cisco IOS | =12.3xi | |
| Puppet Cisco IOS | =12.3yj | |
| Puppet Cisco IOS | =12.3jec | |
| Puppet Cisco IOS | =12.3yu | |
| Puppet Cisco IOS | =12.3xj | |
| Puppet Cisco IOS | =12.3t | |
| Puppet Cisco IOS | =12.3 | |
| Puppet Cisco IOS | =12.4xf | |
| Puppet Cisco IOS | =12.3va | |
| Puppet Cisco IOS | =12.3xz | |
| Puppet Cisco IOS | =12.4jx | |
| Puppet Cisco IOS | =12.4xg | |
| Puppet Cisco IOS | =12.4ya | |
| Puppet Cisco IOS | =12.4jmb | |
| Puppet Cisco IOS | =12.4xv | |
| Puppet Cisco IOS | =12.3yd | |
| Puppet Cisco IOS | =12.4xw | |
| Puppet Cisco IOS | =12.4xz | |
| Puppet Cisco IOS | =12.3xf | |
| Puppet Cisco IOS | =12.3xl | |
| Puppet Cisco IOS | =12.3yk | |
| Puppet Cisco IOS | =12.3yf | |
| Puppet Cisco IOS | =12.4xd | |
| Puppet Cisco IOS | =12.4xp | |
| Puppet Cisco IOS | =12.4jda | |
| Puppet Cisco IOS | =12.3yt | |
| Puppet Cisco IOS | =12.3xb | |
| Puppet Cisco IOS | =12.3yz | |
| Puppet Cisco IOS | =12.4xk | |
| Puppet Cisco IOS | =12.3jl | |
| Puppet Cisco IOS | =12.3yg | |
| Puppet Cisco IOS | =12.3xu | |
| Puppet Cisco IOS | =12.3xy | |
| Puppet Cisco IOS | =12.3xc | |
| Puppet Cisco IOS | =12.4jk | |
| Puppet Cisco IOS | =12.4 | |
| Puppet Cisco IOS | =12.4jl | |
| Puppet Cisco IOS | =12.4sw | |
| Puppet Cisco IOS | =12.3jea | |
| Puppet Cisco IOS | =12.3tpc | |
| Puppet Cisco IOS | =12.3ja | |
| Puppet Cisco IOS | =12.4xa | |
| Puppet Cisco IOS | =12.4xn | |
| Puppet Cisco IOS | =12.3yx | |
| Puppet Cisco IOS | =12.3xq | |
| Puppet Cisco IOS | =12.4md | |
| Puppet Cisco IOS | =12.3ys | |
| Puppet Cisco IOS | =12.3jk | |
| Puppet Cisco IOS | =12.3b | |
| Puppet Cisco IOS | =12.3jeb | |
| Puppet Cisco IOS | =12.3yh | |
| Puppet Cisco IOS | =12.4xb | |
| Puppet Cisco IOS | =12.4ja | |
| Puppet Cisco IOS | =12.3xx | |
| Puppet Cisco IOS | =12.4xy | |
| Puppet Cisco IOS | =12.4xc | |
| Puppet Cisco IOS | =12.3xa | |
| Puppet Cisco IOS | =12.3yi | |
| Puppet Cisco IOS | =12.3xk | |
| Puppet Cisco IOS | =12.3jx | |
| Puppet Cisco IOS | =12.4jma |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securitytracker.com/id?1021896
- http://www.securityfocus.com/bid/34239
- http://secunia.com/advisories/34438
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90424.shtml
- http://www.vupen.com/english/advisories/2009/0851
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49425
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6919
Frequently Asked Questions
What is the severity of CVE-2009-0626?
CVE-2009-0626 has been classified with a high-severity rating due to its potential to cause denial of service and device instability.
How do I fix CVE-2009-0626?
To mitigate CVE-2009-0626, upgrade to a non-vulnerable version of Cisco IOS that addresses this vulnerability.
Which Cisco IOS versions are affected by CVE-2009-0626?
CVE-2009-0626 affects Cisco IOS versions 12.3 through 12.4, including specific sub-versions listed in the vulnerability description.
What is the impact of CVE-2009-0626?
The impact of CVE-2009-0626 includes the potential for remote attackers to trigger a device reload or hang through crafted HTTPS packets.
Is there a workaround for CVE-2009-0626?
There is no official workaround for CVE-2009-0626, and the recommended action is to upgrade the affected Cisco IOS.
- agent/type
- agent/first-publish-date
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/12.3ym
- version/cisco ios/12.3yq
- version/cisco ios/12.4t
- version/cisco ios/12.3bc
- version/cisco ios/12.3ya
- version/cisco ios/12.4xq
- version/cisco ios/12.3xs
- version/cisco ios/12.3xg
- version/cisco ios/12.4xj
- version/cisco ios/12.3bw
- version/cisco ios/12.3xd
- version/cisco ios/12.4xl
- version/cisco ios/12.4xm
- version/cisco ios/12.3xw
- version/cisco ios/12.4mr
- version/cisco ios/12.4xt
- version/cisco ios/12.3xi
- version/cisco ios/12.3yj
- version/cisco ios/12.3jec
- version/cisco ios/12.3yu
- version/cisco ios/12.3xj
- version/cisco ios/12.3t
- version/cisco ios/12.3
- version/cisco ios/12.4xf
- version/cisco ios/12.3va
- version/cisco ios/12.3xz
- version/cisco ios/12.4jx
- version/cisco ios/12.4xg
- version/cisco ios/12.4ya
- version/cisco ios/12.4jmb
- version/cisco ios/12.4xv
- version/cisco ios/12.3yd
- version/cisco ios/12.4xw
- version/cisco ios/12.4xz
- version/cisco ios/12.3xf
- version/cisco ios/12.3xl
- version/cisco ios/12.3yk
- version/cisco ios/12.3yf
- version/cisco ios/12.4xd
- version/cisco ios/12.4xp
- version/cisco ios/12.4jda
- version/cisco ios/12.3yt
- version/cisco ios/12.3xb
- version/cisco ios/12.3yz
- version/cisco ios/12.4xk
- version/cisco ios/12.3jl
- version/cisco ios/12.3yg
- version/cisco ios/12.3xu
- version/cisco ios/12.3xy
- version/cisco ios/12.3xc
- version/cisco ios/12.4jk
- version/cisco ios/12.4
- version/cisco ios/12.4jl
- version/cisco ios/12.4sw
- version/cisco ios/12.3jea
- version/cisco ios/12.3tpc
- version/cisco ios/12.3ja
- version/cisco ios/12.4xa
- version/cisco ios/12.4xn
- version/cisco ios/12.3yx
- version/cisco ios/12.3xq
- version/cisco ios/12.4md
- version/cisco ios/12.3ys
- version/cisco ios/12.3jk
- version/cisco ios/12.3b
- version/cisco ios/12.3jeb
- version/cisco ios/12.3yh
- version/cisco ios/12.4xb
- version/cisco ios/12.4ja
- version/cisco ios/12.3xx
- version/cisco ios/12.4xy
- version/cisco ios/12.4xc
- version/cisco ios/12.3xa
- version/cisco ios/12.3yi
- version/cisco ios/12.3xk
- version/cisco ios/12.3jx
- version/cisco ios/12.4jma