PT-2008-5166 · Cisco · Cisco IOS

Published: 2008-09-24 · Updated: 2022-06-02 · CVE-2008-3812

CVSS v2.0: 7.1 (High)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco IOS version 12.4

Description

The issue allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled. Successful exploitation may result in a reload of the affected device.

Recommendations

For Cisco IOS version 12.4, update to a version that includes the software updates released by Cisco to address this issue. As a temporary workaround, consider disabling the HTTP Deep Packet Inspection feature in the IOS firewall Application Inspection Control (AIC) until a patch is available. Restrict access to the device to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2008-3812

Affected Products

Cisco IOS