CVE-2007-0965

Description

Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request.

Affected products

• Cisco / firewall_services_module3.1 – 3.1

References

• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/0609
• MISChttp://www.securityfocus.com/bid/22561
• VENDOR_ADVISORYhttp://secunia.com/advisories/24172
• VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml