Oval Definition:oval:org.mitre.oval:def:5745
Revision Date:2008-09-08Version:1
Title:Cisco IOS SSL ChamgeCipherSpec DoS Vulnerability, ClientHello DoS Vulnerability and Finished Message DoS Vulnerability
Description:Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
Family:iosClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-2813
Platform(s):Cisco IOS
Product(s):
Definition Synopsis
  • IOS vulnerable versions
  • AND NOT IOS vulnerable versions
  • AND
  • config contains: cns config \S+ \S+ encrypt
  • config contains: ^\s*ip http secure-server
  • AND NOT config contains: ^\s*no ip http secure-server
    • BACK