CVE-2003-1004

Name of the Vulnerable Software and Affected Versions Cisco PIX firewall versions 6.2.x through 6.2.3

Description The issue allows remote attackers to cause a denial of service, resulting in a dropped IPSec tunnel connection. This is achieved by sending an IKE Phase I negotiation request to the outside interface of the firewall when it is configured as a VPN client.

Recommendations For Cisco PIX firewall versions 6.2.x through 6.2.3, consider restricting access to the outside interface to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the IKE Phase I negotiation requests to trusted sources only.