Description
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Janis Vizulis · perldoshardware
https://www.exploit-db.com/exploits/1338
exploitdb
WORKING POC
VERIFIED
by Janis Vizulis · perldoshardware
https://www.exploit-db.com/exploits/26548
References (16)
Scores
EPSS
0.3514
EPSS Percentile
97.1%
Details
Status
published
Products (2)
cisco/pix
6.3
cisco/pix
7.0
Published
Nov 23, 2005
Tracked Since
Feb 18, 2026