{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "ADV-2008-1006", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1006/references"}, {"name": "cisco-ios-vpdn-idb-dos(41484)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41484"}, {"name": "28460", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28460"}, {"name": "20080326 Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml"}, {"name": "TA08-087B", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"}, {"name": "oval:org.mitre.oval:def:5598", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598"}, {"name": "29507", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29507"}, {"name": "1019714", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019714"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2008-1150", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-1006", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1006/references"}, {"name": "cisco-ios-vpdn-idb-dos(41484)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41484"}, {"name": "28460", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28460"}, {"name": "20080326 Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml"}, {"name": "TA08-087B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"}, {"name": "oval:org.mitre.oval:def:5598", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598"}, {"name": "29507", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29507"}, {"name": "1019714", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019714"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:08:57.729Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-1006", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1006/references"}, {"name": "cisco-ios-vpdn-idb-dos(41484)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41484"}, {"name": "28460", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28460"}, {"name": "20080326 Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml"}, {"name": "TA08-087B", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"}, {"name": "oval:org.mitre.oval:def:5598", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598"}, {"name": "29507", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29507"}, {"name": "1019714", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1019714"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2008-1150", "datePublished": "2008-03-27T17:00:00.000Z", "dateReserved": "2008-03-05T00:00:00.000Z", "dateUpdated": "2024-08-07T08:08:57.729Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E12D45E-5FF2-4794-AF72-29F388B67E8E", "versionEndIncluding": "12.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309."}, {"lang": "es", "value": "La componente red privada virtual dial-up (VPDN) de Cisco IOS versiones anteriores a 12.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de recursos) a trav\u00e9s de una serie de sesiones PPTP, en relaci\u00f3n con la persistencia de las estructuras de datos de la interfaz de descriptor de bloque (BID) despu\u00e9s de la terminaci\u00f3n proceso, tambi\u00e9n conocido como bug CSCdv59309 ID."}], "id": "CVE-2008-1150", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-27T17:44:00.000", "references": [{"source": "psirt@cisco.com", "url": "http://secunia.com/advisories/29507"}, {"source": "psirt@cisco.com", "url": "http://securitytracker.com/id?1019714"}, {"source": "psirt@cisco.com", "tags": ["Patch"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/28460"}, {"source": "psirt@cisco.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"}, {"source": "psirt@cisco.com", "url": "http://www.vupen.com/english/advisories/2008/1006/references"}, {"source": "psirt@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41484"}, {"source": "psirt@cisco.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29507"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019714"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/28460"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-087B.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1006/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41484"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5598"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}