QwikSec

Security Database

CVE

CWE

Training

CVE-2008-2735

Published: Sep 4, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

vendor-advisory

x_refsource_CISCO

20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

vendor-advisory

x_refsource_CISCO

third-party-advisory

x_refsource_SECUNIA

cisco-asa-uri-dos(44869)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.