CVE-2007-2464

Published: May 2, 2007Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."

Affected (4)

Products: Cisco: Adaptive Security Appliance Software, Pix

Cisco

2 products

Adaptive Security Appliance Software

Pix

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Cisco Adaptive Security Appliance Software	Up to 7.2.2
Cisco Adaptive Security Appliance Software	Version 7.1
Cisco Pix	Up to 7.2
Cisco Pix	Version 7.1

References (14)

http://secunia.com/advisories/25109

Source: cve@mitre.org

http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/337508

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/35333

Source: cve@mitre.org

http://www.securityfocus.com/bid/23768

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1636

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34023

Source: cve@mitre.org

http://secunia.com/advisories/25109