CVE-2003-1004

Description

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

Affected products

• Cisco / pix_firewall6.2.2_.111 – 6.2.2_.111
• Cisco / pix_firewall_software6.2 – 6.2
• Cisco / pix_firewall_software6.2(1) – 6.2(1)
• Cisco / pix_firewall_software6.2(2) – 6.2(2)
• Cisco / pix_firewall_software6.2(3) – 6.2(3)
• Cisco / pix_firewall_software6.2(3.100) – 6.2(3.100)

References

• VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sa-20031215-pix.shtml