CVE-2007-0964

Description

Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request.

Affected products

Cisco / firewall_services_module3.1 – 3.1

References

VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/0609
MISChttp://www.securityfocus.com/bid/22561
VENDOR_ADVISORYhttp://secunia.com/advisories/24172
VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml