Cisco PIX TCP SYN Packet Denial Of Service Vulnerability

Cisco PIX TCP SYN Packet Denial Of Service Vulnerability

Cisco PIX is susceptible to a remote denial-of-service vulnerability when handling certain TCP SYN packets.

This issue allows attackers to temporarily block network traffic to arbitrarily targeted TCP services. By repeating the attack, a prolonged denial-of-service condition is possible.

This issue is tracked by the following Cisco Bug IDs:
- CSCsc14915: PIX 6.3 Spoofed TCP SYN packets can block legitimate TCP connections
- CSCsc16014: PIX 7.0 Spoofed TCP SYN packets can block legitimate TCP connections