CVE-2008-1150

The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
ciscoios
𝑥
≤ 12.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29507
http://securitytracker.com/id?1019714
http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml
http://www.securityfocus.com/bid/28460
http://www.us-cert.gov/cas/techalerts/TA08-087B.html
http://www.vupen.com/english/advisories/2008/1006/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41484
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598
http://secunia.com/advisories/29507
http://securitytracker.com/id?1019714
http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml
http://www.securityfocus.com/bid/28460
http://www.us-cert.gov/cas/techalerts/TA08-087B.html
http://www.vupen.com/english/advisories/2008/1006/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41484
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598