CVE-2010-2836

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.4, 15.0, and 15.1

Description A memory leak in the SSL VPN feature of Cisco IOS allows remote attackers to cause a denial of service by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state. This could result in a memory exhaustion condition, causing device reloads, the inability to service new TCP connections, and other denial of service conditions.

Recommendations For Cisco IOS versions 12.4, 15.0, and 15.1, update to a version that includes the software updates released by Cisco to address this vulnerability. As a temporary workaround, consider disabling the HTTP port redirection feature in the SSL VPN configuration to mitigate this issue.