Skip to main content

Cisco Firewall Services Module Multiple Vulnerabilities

Last Update Date: 11 Oct 2012 11:40 Release Date: 11 Oct 2012 5023 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Cisco Firewall Services Module. A remote user can execute arbitrary code on the target system, and cause denial of service conditions.

 

A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Versions prior to 4.1(9)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link