What is the severity of CVE-2009-0628?

CVE-2009-0628 has been classified as a denial of service vulnerability which can lead to device crashes.

How do I fix CVE-2009-0628?

To mitigate CVE-2009-0628, upgrade to a version of Cisco IOS that addresses this memory leak, specifically versions beyond 12.4.

What are the affected Cisco IOS versions for CVE-2009-0628?

CVE-2009-0628 affects Cisco IOS versions 12.3 through 12.4, including various specific builds and releases.

How does CVE-2009-0628 exploit the SSLVPN feature?

CVE-2009-0628 exploits the SSLVPN feature by causing a memory leak when an SSL session is terminated abnormally.

Can CVE-2009-0628 be remotely exploited?

Yes, CVE-2009-0628 can be remotely exploited by an attacker who disconnects an SSL session incorrectly.

Vulnerability/
CVE-2009-0628

critical

CWE

200

27/3/2009

29/9/2017

CVE-2009-0628: Infoleak

First published: Fri Mar 27 2009(Updated: )

Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=12.3
Cisco IOS	=12.3-b
Cisco IOS	=12.3-bc
Cisco IOS	=12.3-bw
Cisco IOS	=12.3-eu
Cisco IOS	=12.3-ja
Cisco IOS	=12.3-jea
Cisco IOS	=12.3-jeb
Cisco IOS	=12.3-jec
Cisco IOS	=12.3-jk
Cisco IOS	=12.3-jl
Cisco IOS	=12.3-jx
Cisco IOS	=12.3-t
Cisco IOS	=12.3-tpc
Cisco IOS	=12.3-va
Cisco IOS	=12.3-xa
Cisco IOS	=12.3-xb
Cisco IOS	=12.3-xc
Cisco IOS	=12.3-xd
Cisco IOS	=12.3-xe
Cisco IOS	=12.3-xf
Cisco IOS	=12.3-xg
Cisco IOS	=12.3-xh
Cisco IOS	=12.3-xi
Cisco IOS	=12.3-xj
Cisco IOS	=12.3-xk
Cisco IOS	=12.3-xq
Cisco IOS	=12.3-xr
Cisco IOS	=12.3-xs
Cisco IOS	=12.3-xu
Cisco IOS	=12.3-xw
Cisco IOS	=12.3-xy
Cisco IOS	=12.3-ya
Cisco IOS	=12.3-yd
Cisco IOS	=12.3-yf
Cisco IOS	=12.3-yg
Cisco IOS	=12.3-yh
Cisco IOS	=12.3-yi
Cisco IOS	=12.3-yj
Cisco IOS	=12.3-yk
Cisco IOS	=12.3-ym
Cisco IOS	=12.3-yq
Cisco IOS	=12.3-ys
Cisco IOS	=12.3-yt
Cisco IOS	=12.3-yu
Cisco IOS	=12.3-yx
Cisco IOS	=12.3-yz
Cisco IOS	=12.4
Cisco IOS	=12.4-ja
Cisco IOS	=12.4-jk
Cisco IOS	=12.4-jma
Cisco IOS	=12.4-jmb
Cisco IOS	=12.4-jmc
Cisco IOS	=12.4-jx
Cisco IOS	=12.4-md
Cisco IOS	=12.4-mr
Cisco IOS	=12.4-sw
Cisco IOS	=12.4-t
Cisco IOS	=12.4-xa
Cisco IOS	=12.4-xb
Cisco IOS	=12.4-xc
Cisco IOS	=12.4-xd
Cisco IOS	=12.4-xe
Cisco IOS	=12.4-xf
Cisco IOS	=12.4-xg
Cisco IOS	=12.4-xj
Cisco IOS	=12.4-xk

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0628?
CVE-2009-0628 has been classified as a denial of service vulnerability which can lead to device crashes.
How do I fix CVE-2009-0628?
To mitigate CVE-2009-0628, upgrade to a version of Cisco IOS that addresses this memory leak, specifically versions beyond 12.4.
What are the affected Cisco IOS versions for CVE-2009-0628?
CVE-2009-0628 affects Cisco IOS versions 12.3 through 12.4, including various specific builds and releases.
How does CVE-2009-0628 exploit the SSLVPN feature?
CVE-2009-0628 exploits the SSLVPN feature by causing a memory leak when an SSL session is terminated abnormally.
Can CVE-2009-0628 be remotely exploited?
Yes, CVE-2009-0628 can be remotely exploited by an attacker who disconnects an SSL session incorrectly.

agent/references
agent/author
agent/weakness
agent/severity
agent/type
agent/event
agent/description
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/cisco
canonical/cisco ios
version/cisco ios/12.3
version/cisco ios/12.3-b
version/cisco ios/12.3-bc
version/cisco ios/12.3-bw
version/cisco ios/12.3-eu
version/cisco ios/12.3-ja
version/cisco ios/12.3-jea
version/cisco ios/12.3-jeb
version/cisco ios/12.3-jec
version/cisco ios/12.3-jk
version/cisco ios/12.3-jl
version/cisco ios/12.3-jx
version/cisco ios/12.3-t
version/cisco ios/12.3-tpc
version/cisco ios/12.3-va
version/cisco ios/12.3-xa
version/cisco ios/12.3-xb
version/cisco ios/12.3-xc
version/cisco ios/12.3-xd
version/cisco ios/12.3-xe
version/cisco ios/12.3-xf
version/cisco ios/12.3-xg
version/cisco ios/12.3-xh
version/cisco ios/12.3-xi
version/cisco ios/12.3-xj
version/cisco ios/12.3-xk
version/cisco ios/12.3-xq
version/cisco ios/12.3-xr
version/cisco ios/12.3-xs
version/cisco ios/12.3-xu
version/cisco ios/12.3-xw
version/cisco ios/12.3-xy
version/cisco ios/12.3-ya
version/cisco ios/12.3-yd
version/cisco ios/12.3-yf
version/cisco ios/12.3-yg
version/cisco ios/12.3-yh
version/cisco ios/12.3-yi
version/cisco ios/12.3-yj
version/cisco ios/12.3-yk
version/cisco ios/12.3-ym
version/cisco ios/12.3-yq
version/cisco ios/12.3-ys
version/cisco ios/12.3-yt
version/cisco ios/12.3-yu
version/cisco ios/12.3-yx
version/cisco ios/12.3-yz
version/cisco ios/12.4
version/cisco ios/12.4-ja
version/cisco ios/12.4-jk
version/cisco ios/12.4-jma
version/cisco ios/12.4-jmb
version/cisco ios/12.4-jmc
version/cisco ios/12.4-jx
version/cisco ios/12.4-md
version/cisco ios/12.4-mr
version/cisco ios/12.4-sw
version/cisco ios/12.4-t
version/cisco ios/12.4-xa
version/cisco ios/12.4-xb
version/cisco ios/12.4-xc
version/cisco ios/12.4-xd
version/cisco ios/12.4-xe
version/cisco ios/12.4-xf
version/cisco ios/12.4-xg
version/cisco ios/12.4-xj
version/cisco ios/12.4-xk