Cisco ASA Multiple Vulnerabilities
Last Update Date: 11 Oct 2012 11:42
Release Date: 11 Oct 2012
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities have been identified in Cisco ASA. A remote user can execute arbitrary code on the target system and cause denial-of-service conditions.
- A remote user can send specially crafted DHCP data via IPv4 to the DHCP server on the target device or through the target device to trigger a memory allocation error and cause the target device to reload.
- A remote user can send a specially crafted response to an AAA challenge via IPv4 on an SSL VPN connection to cause the target device to reload. Cisco ASA Software configured for Clientless or AnyConnect SSL VPN is affected. IPsec VPN Server, IPSEC/L2TP VPN Server, or IKEv2 AnyConnect server configurations are not affected.
- A remote user can send specially crafted SIP packets (as part of an established SIP session) through the target device to cause the target device to reload.
- A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- ASA 5500 Series, Cisco Catalyst 6500 Series ASA Services Module
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- The vendor has issued a fix (7.2(5.8), 8.0(5.28), 8.1(2.56), 8.2(5.33), 8.3(2.34), 8.4(4.5), 8.5(1.14), 8.6(1.5)).
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
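The fixed-release list above can be checked against a device inventory one release train at a time. The following Python script is an added example, not code from the vendor or from this advisory; it assumes that a release in the same train at or above the listed version contains the fix and that interim builds may also be written in the 8.2(5)33 form. The host names and version lines are constructed.

```python
import re

# Fixed releases per train, copied from the Solutions list above.
FIXED = ["7.2(5.8)", "8.0(5.28)", "8.1(2.56)", "8.2(5.33)",
         "8.3(2.34)", "8.4(4.5)", "8.5(1.14)", "8.6(1.5)"]

# Matches 8.4(4.5), 8.4(4) and the 8.4(4)5 spelling (assumed display form).
VERSION_RE = re.compile(r"(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)(\d+)?")


def parse_version(text):
    """Return (major, minor, maintenance, interim), or None if no version is found."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, maint, dotted, trailing = m.groups()
    interim = dotted or trailing or "0"  # 8.6(1) is treated as interim 0
    return (int(major), int(minor), int(maint), int(interim))


# Key each fixed release by its train, e.g. (8, 4) -> (8, 4, 4, 5).
FIXED_BY_TRAIN = {v[:2]: v for v in map(parse_version, FIXED)}


def assess(version_text):
    """Classify a version string as 'fixed', 'needs-upgrade' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    fixed = FIXED_BY_TRAIN.get(v[:2])
    if fixed is None:
        return "unknown"  # train not listed on this page: do not guess
    # Assumption: same train, at or above the listed release, includes the fix.
    return "fixed" if v >= fixed else "needs-upgrade"


# Constructed inventory lines in the style of `show version` output.
SAMPLE_INVENTORY = {
    "fw-edge-1": "Cisco Adaptive Security Appliance Software Version 8.4(4.1)",
    "fw-edge-2": "Cisco Adaptive Security Appliance Software Version 8.2(5)33",
    "fw-dc-1": "Cisco Adaptive Security Appliance Software Version 8.6(1)",
    "fw-lab-1": "Cisco Adaptive Security Appliance Software Version 9.0(1)",
}


def report(inventory):
    """Map each host to its assessment."""
    return {host: assess(line) for host, line in inventory.items()}


if __name__ == "__main__":
    for host, status in report(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as unknown run a train that this page does not list; check them against the vendor advisory linked above.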
Vulnerability Identifier
Source
Related Link