ID
VAR-E-200803-0750
CVE
| cve_id: | CVE-2008-1150 | Trust: 0.3 |
| cve_id: | CVE-2008-1151 | Trust: 0.3 |
TITLE
Cisco IOS Virtual Private Dial-up Network Multiple Denial of Service Vulnerabilities
Trust: 0.3
DESCRIPTION
Cisco IOS is prone to multiple denial-of-service vulnerabilities that occur in the virtual private dial-up (VPDN) when the Point-to-Point Tunneling Protocol (PPTP) is enabled.
Successfully exploiting these issues may cause a memory leak or prevent the establishment of VPDN connections, denying service to legitimate users.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios 12.4 | scope: | ne | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.2 xb5 | scope: | ne | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.1 ea11 | scope: | ne | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.2yz | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2yx | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2yo | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2ye | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2yc | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.2xv | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xu | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xt | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xs | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xq | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xk | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xj | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xi | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xh | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xg | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xe | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xd | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xc | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xb | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2xa | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2t | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2sy | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2sx | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2su | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2s | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2dx | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2da | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2by | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2b | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.2 | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1yi | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1yf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ye | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1yd | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1yc | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1yb | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ya | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xy | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.1xv | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xt | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xs | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xq | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xp | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xm | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xl | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1xj | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1t | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ez | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ex | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ec | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ea | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1e | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1dc | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1ay | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.3t | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | ne | version: | 12.3(26) | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.3 bc1 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2bc | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 t | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 by | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 bw1a | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 bw1 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 b5 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 s15 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sxf13 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | ne | version: | 12.2(18)2 | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 t4e | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1 ay1 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.1 ea1 | scope: | ne | version: | - | Trust: 0.3 |
EXPLOIT
A specific exploit is not required. The attacker would only need to establish a PPTP session with an affected device.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Design Error
Trust: 0.3
CREDITS
Martin Kluge of Elxsi Security
Trust: 0.3
EXTERNAL IDS
| db: | NVD | id: | CVE-2008-1150 | Trust: 0.3 |
| db: | NVD | id: | CVE-2008-1151 | Trust: 0.3 |
| db: | BID | id: | 28460 | Trust: 0.3 |
REFERENCES
| url: | http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html | Trust: 0.3 |
| url: | http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml | Trust: 0.3 |
SOURCES
| db: | BID | id: | 28460 |
LAST UPDATE DATE
2022-07-27T10:04:12.453000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 28460 | date: | 2008-03-26T20:49:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 28460 | date: | 2008-03-26T00:00:00 |