PT-2002-1001 · Cisco · Cisco Pix Firewall

Published: 2002-12-31 · Updated: 2018-10-30 · CVE-2002-2140

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Cisco PIX Firewall versions 5.2.x through 5.2.8
Cisco PIX Firewall versions 6.0.x through 6.0.3
Cisco PIX Firewall versions 6.1.x through 6.1.3
Cisco PIX Firewall versions 6.2.x through 6.2.1

Description

The issue allows remote attackers to cause a denial of service via HTTP traffic authentication using either TACACS+ or RADIUS. This is a result of a buffer overflow in the Cisco PIX Firewall.

Recommendations

For versions 5.2.x through 5.2.8, consider disabling HTTP traffic authentication using TACACS+ or RADIUS until a patch is available.
For versions 6.0.x through 6.0.3, restrict access to the authentication module to minimize the risk of exploitation.
For versions 6.1.x through 6.1.3, avoid using TACACS+ or RADIUS for HTTP traffic authentication until the issue is resolved.
For versions 6.2.x through 6.2.1, consider temporarily disabling the authentication function using TACACS+ or RADIUS to prevent denial of service attacks.

Fix


Related identifiers

BDU:2015-00160
CVE-2002-2140

Affected products

Cisco Pix Firewall