PT-2008-2745 · Cisco · Cisco Ios
Published
2008-03-27
·
Updated
2017-09-29
·
CVE-2008-1151
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco IOS versions prior to 12.3
Description
The issue is related to a memory leak in the virtual private dial-up network (VPDN) component. This leak allows remote attackers to cause a denial of service by consuming memory via a series of PPTP sessions. The problem is associated with "dead memory" that remains allocated after process termination.
Recommendations
For versions prior to 12.3, update to version 12.3 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ios