CVE-2007-5568

Name of the Vulnerable Software and Affected Versions Cisco PIX and ASA appliances versions 7.0 through 8.0 Cisco Firewall Services Module (FWSM) version 3.1(5) and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a device reload, via crafted packets. Two vulnerabilities exist, one triggered during the processing of Media Gateway Control Protocol (MGCP) packets and the other during the processing of Transport Layer Security (TLS) traffic that terminates on the security appliance.

Recommendations For Cisco PIX and ASA appliances versions 7.0 through 8.0, update to a version outside of this range to resolve the issue. For Cisco Firewall Services Module (FWSM) version 3.1(5) and earlier, update to a version later than 3.1(5) to resolve the issue. As a temporary workaround, consider restricting the processing of MGCP packets and TLS traffic that terminates on the appliance until a patch is available.