CVE-2008-2734 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2008-2734
Status Candidate
Description Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a denial of service (memory consumption and VPN hang) via a crafted SSL or HTTP packet, aka Bug ID CSCso66472.
Phase Assigned (16.06.2008)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2734
References CISCO : 20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA
SECTRACK : 1020812
SecurityVulns: Cisco PIX and Cisco ASA multiple security vulnerabilities

test server