CVE-2009-0628

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.3 through 12.4

Description A memory leak in the SSLVPN feature allows remote attackers to cause a denial of service by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. This results in memory consumption and device crash.

Recommendations For Cisco IOS versions 12.3 through 12.4, consider disabling the SSLVPN feature as a temporary workaround until a patch is available. Restrict access to the SSLVPN module to minimize the risk of exploitation.