CVE-2007-2813

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.4 and earlier

Description The issue allows remote attackers to cause a denial of service via a malformed message during an SSL session. A malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device to trigger the vulnerability. Successful repeated exploitation may lead to a sustained Denial-of-Service (DoS), but it is not known to compromise either the confidentiality or integrity of the data or the device.

Recommendations For Cisco IOS versions 12.4 and earlier, update to a version that includes the fix for the vulnerabilities. As a temporary workaround, consider implementing workarounds available to mitigate the effects of these vulnerabilities. Restrict access to SSL protocol exchange to minimize the risk of exploitation. Avoid using the ClientHello, ChangeCipherSpec, or Finished messages in the affected SSL session until the issue is resolved.