CVE-2008-2733

Name of the Vulnerable Software and Affected Versions Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices versions 7.2 before 7.2(4)2 Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices versions 8.0 before 8.0(3)14 Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices versions 8.1 before 8.1(1)4

Description The issue is related to the improper processing of IPSec client authentication when the devices are configured as a client VPN endpoint. This allows remote attackers to cause a denial of service, resulting in a device reload, via a crafted authentication attempt. Multiple vulnerabilities may also result in the disclosure of confidential information.

Recommendations For versions 7.2 before 7.2(4)2, update to version 7.2(4)2 or later to resolve the issue. For versions 8.0 before 8.0(3)14, update to version 8.0(3)14 or later to resolve the issue. For versions 8.1 before 8.1(1)4, update to version 8.1(1)4 or later to resolve the issue.