Unrated severityNVD Advisory· Published Mar 27, 2009· Updated Jun 16, 2026
CVE-2009-0635
CVE-2009-0635
Description
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.4ya:*:*:*:*:*:*:*
- (no CPE)range: 12.4
Patches
Vulnerability mechanics
References
7- www.cisco.com/en/US/products/products_security_advisory09186a0080a90459.shtmlnvdPatchVendor Advisory
- www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtmlnvdPatchVendor Advisory
- secunia.com/advisories/34438nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0851nvdVendor Advisory
- www.securityfocus.com/bid/34246nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49417nvd
News mentions
0No linked articles in our index yet.