Lucene search
CiscoCISCO-SA-20121010-ASAHistoryOct 10, 2012 - 4:00 p.m.
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
2012-10-1016:00:00
tools.cisco.com
13
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:P/A:C
0.083 Low
EPSS
Percentile
94.4%
Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco
Catalyst 6500 Series ASA Services Module (ASASM) may be affected by the
following vulnerabilities:
DHCP Memory Allocation Denial of Service Vulnerability
SSL VPN Authentication Denial of Service Vulnerability
SIP Inspection Media Update Denial of Service Vulnerability
DCERPC Inspection Buffer Overflow Vulnerability
Two DCERPC Inspection Denial Of Service Vulnerabilities
These vulnerabilities are independent of each other; a release that is
affected by one of the vulnerabilities may not be affected by the
others.
Successful exploitation of any of these vulnerabilities could allow an unauthenticated remote attacker to trigger a reload of the affected device. Exploitation of the DCERPC Inspection Buffer Overflow Vulnerability could additionally cause a stack overflow and possibly the execution of arbitrary commands.
Cisco has released software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities. This advisory is available at the following link:
Note: The Cisco Firewall Services Module for Cisco Catalyst 6500 and Cisco 7600 Series (FWSM) may be affected by some of the vulnerabilities listed above.
A separate Cisco Security Advisory has been published to disclose the
vulnerabilities that affect the Cisco FWSM. This advisory is available
at:
The Cisco ASA 1000V Cloud Firewall and Cisco ASA-CX Context-Aware Security are not affected by any of these vulnerabilities.
Affected configurations
Node
ciscopix_firewallMatchany
ORciscoadaptive_security_virtual_applianceMatch7.0
ORciscoadaptive_security_virtual_applianceMatch7.1
ORciscoadaptive_security_virtual_applianceMatch7.2
ORciscoadaptive_security_virtual_applianceMatch8.0
ORciscoadaptive_security_virtual_applianceMatch8.2
ORciscoadaptive_security_virtual_applianceMatch8.1
ORciscoadaptive_security_virtual_applianceMatch8.3
ORciscoadaptive_security_virtual_applianceMatch8.4
ORciscoadaptive_security_virtual_applianceMatch8.5
ORciscoadaptive_security_virtual_applianceMatch8.6
ORciscopix_firewallMatchany
ORciscoadaptive_security_virtual_applianceMatch7.0.1
ORciscoadaptive_security_virtual_applianceMatch7.0.1.4
ORciscoadaptive_security_virtual_applianceMatch7.0.4
ORciscoadaptive_security_virtual_applianceMatch7.0.4.2
ORciscoadaptive_security_virtual_applianceMatch7.0.2
ORciscoadaptive_security_virtual_applianceMatch7.0.3
ORciscoadaptive_security_virtual_applianceMatch7.0.7.1
ORciscoadaptive_security_virtual_applianceMatch7.0.8
ORciscoadaptive_security_virtual_applianceMatch7.0.7
ORciscoadaptive_security_virtual_applianceMatch7.0.6
ORciscoadaptive_security_virtual_applianceMatch7.0.5
ORciscoadaptive_security_virtual_applianceMatch7.0.5.12
ORciscoadaptive_security_virtual_applianceMatch7.0.6.4
ORciscoadaptive_security_virtual_applianceMatch7.0.6.8
ORciscoadaptive_security_virtual_applianceMatch7.0.6.18
ORciscoadaptive_security_virtual_applianceMatch7.0.6.22
ORciscoadaptive_security_virtual_applianceMatch7.0.6.26
ORciscoadaptive_security_virtual_applianceMatch7.0.6.29
ORciscoadaptive_security_virtual_applianceMatch7.0.6.32
ORciscoadaptive_security_virtual_applianceMatch7.0.7.4
ORciscoadaptive_security_virtual_applianceMatch7.0.7.9
ORciscoadaptive_security_virtual_applianceMatch7.0.7.12
ORciscoadaptive_security_virtual_applianceMatch7.0.8.2
ORciscoadaptive_security_virtual_applianceMatch7.0.8.8
ORciscoadaptive_security_virtual_applianceMatch7.0.8.12
ORciscoadaptive_security_virtual_applianceMatch7.0.8.13
ORciscoadaptive_security_virtual_applianceMatch7.1.2.61
ORciscoadaptive_security_virtual_applianceMatch7.1.2
ORciscoadaptive_security_virtual_applianceMatch7.1.2.81
ORciscoadaptive_security_virtual_applianceMatch7.1.2.64
ORciscoadaptive_security_virtual_applianceMatch7.1.2.72
ORciscoadaptive_security_virtual_applianceMatch7.1.2.16
ORciscoadaptive_security_virtual_applianceMatch7.1.2.20
ORciscoadaptive_security_virtual_applianceMatch7.1.2.24
ORciscoadaptive_security_virtual_applianceMatch7.1.2.28
ORciscoadaptive_security_virtual_applianceMatch7.1.2.38
ORciscoadaptive_security_virtual_applianceMatch7.1.2.42
ORciscoadaptive_security_virtual_applianceMatch7.1.2.46
ORciscoadaptive_security_virtual_applianceMatch7.1.2.49
ORciscoadaptive_security_virtual_applianceMatch7.1.2.53
ORciscoadaptive_security_virtual_applianceMatch7.2.2.34
ORciscoadaptive_security_virtual_applianceMatch7.2.3.1
ORciscoadaptive_security_virtual_applianceMatch7.2.2
ORciscoadaptive_security_virtual_applianceMatch7.2.4
ORciscoadaptive_security_virtual_applianceMatch7.2.3
ORciscoadaptive_security_virtual_applianceMatch7.2.1
ORciscoadaptive_security_virtual_applianceMatch7.2.4.27
ORciscoadaptive_security_virtual_applianceMatch7.2.4.30
ORciscoadaptive_security_virtual_applianceMatch7.2.5
ORciscoadaptive_security_virtual_applianceMatch7.2.4.33
ORciscoadaptive_security_virtual_applianceMatch7.2.1.9
ORciscoadaptive_security_virtual_applianceMatch7.2.1.13
ORciscoadaptive_security_virtual_applianceMatch7.2.1.19
ORciscoadaptive_security_virtual_applianceMatch7.2.1.24
ORciscoadaptive_security_virtual_applianceMatch7.2.2.6
ORciscoadaptive_security_virtual_applianceMatch7.2.2.10
ORciscoadaptive_security_virtual_applianceMatch7.2.2.14
ORciscoadaptive_security_virtual_applianceMatch7.2.2.18
ORciscoadaptive_security_virtual_applianceMatch7.2.2.19
ORciscoadaptive_security_virtual_applianceMatch7.2.2.22
ORciscoadaptive_security_virtual_applianceMatch7.2.3.12
ORciscoadaptive_security_virtual_applianceMatch7.2.3.16
ORciscoadaptive_security_virtual_applianceMatch7.2.4.6
ORciscoadaptive_security_virtual_applianceMatch7.2.4.9
ORciscoadaptive_security_virtual_applianceMatch7.2.4.18
ORciscoadaptive_security_virtual_applianceMatch7.2.4.25
ORciscoadaptive_security_virtual_applianceMatch7.2.5.2
ORciscoadaptive_security_virtual_applianceMatch7.2.5.4
ORciscoadaptive_security_virtual_applianceMatch7.2.5.7
ORciscoadaptive_security_virtual_applianceMatch8.0.2.11
ORciscoadaptive_security_virtual_applianceMatch8.0.4
ORciscoadaptive_security_virtual_applianceMatch8.0.3
ORciscoadaptive_security_virtual_applianceMatch8.0.2
ORciscoadaptive_security_virtual_applianceMatch8.0.1.2
ORciscoadaptive_security_virtual_applianceMatch8.0.4.25
ORciscoadaptive_security_virtual_applianceMatch8.0.4.28
ORciscoadaptive_security_virtual_applianceMatch8.0.4.33
ORciscoadaptive_security_virtual_applianceMatch8.0.4.32
ORciscoadaptive_security_virtual_applianceMatch8.0.5
ORciscoadaptive_security_virtual_applianceMatch8.0.2.15
ORciscoadaptive_security_virtual_applianceMatch8.0.3.6
ORciscoadaptive_security_virtual_applianceMatch8.0.3.12
ORciscoadaptive_security_virtual_applianceMatch8.0.3.19
ORciscoadaptive_security_virtual_applianceMatch8.0.4.3
ORciscoadaptive_security_virtual_applianceMatch8.0.4.9
ORciscoadaptive_security_virtual_applianceMatch8.0.4.16
ORciscoadaptive_security_virtual_applianceMatch8.0.4.23
ORciscoadaptive_security_virtual_applianceMatch8.0.4.31
ORciscoadaptive_security_virtual_applianceMatch8.0.5.20
ORciscoadaptive_security_virtual_applianceMatch8.0.5.23
ORciscoadaptive_security_virtual_applianceMatch8.0.5.25
ORciscoadaptive_security_virtual_applianceMatch8.0.5.27
ORciscoadaptive_security_virtual_applianceMatch8.2.0.45
ORciscoadaptive_security_virtual_applianceMatch8.2.1
ORciscoadaptive_security_virtual_applianceMatch8.2.2
ORciscoadaptive_security_virtual_applianceMatch8.2.2.10
ORciscoadaptive_security_virtual_applianceMatch8.2.3
ORciscoadaptive_security_virtual_applianceMatch8.2.4
ORciscoadaptive_security_virtual_applianceMatch8.2.1.11
ORciscoadaptive_security_virtual_applianceMatch8.2.2.9
ORciscoadaptive_security_virtual_applianceMatch8.2.2.12
ORciscoadaptive_security_virtual_applianceMatch8.2.2.16
ORciscoadaptive_security_virtual_applianceMatch8.2.4.1
ORciscoadaptive_security_virtual_applianceMatch8.2.4.4
ORciscoadaptive_security_virtual_applianceMatch8.2.5
ORciscoadaptive_security_virtual_applianceMatch8.2.5.13
ORciscoadaptive_security_virtual_applianceMatch8.2.5.22
ORciscoadaptive_security_virtual_applianceMatch8.2.5.26
ORciscoadaptive_security_virtual_applianceMatch8.2.2.17
ORciscoadaptive_security_virtual_applianceMatch8.1.1
ORciscoadaptive_security_virtual_applianceMatch8.1.2
ORciscoadaptive_security_virtual_applianceMatch8.1.2.15
ORciscoadaptive_security_virtual_applianceMatch8.1.2.16
ORciscoadaptive_security_virtual_applianceMatch8.1.2.19
ORciscoadaptive_security_virtual_applianceMatch8.1.2.23
ORciscoadaptive_security_virtual_applianceMatch8.1.2.24
ORciscoadaptive_security_virtual_applianceMatch8.1.2.50
ORciscoadaptive_security_virtual_applianceMatch8.1.1.6
ORciscoadaptive_security_virtual_applianceMatch8.1.2.13
ORciscoadaptive_security_virtual_applianceMatch8.1.2.49
ORciscoadaptive_security_virtual_applianceMatch8.1.2.55
ORciscoadaptive_security_virtual_applianceMatch8.3.1.1
ORciscoadaptive_security_virtual_applianceMatch8.3.1
ORciscoadaptive_security_virtual_applianceMatch8.3.2
ORciscoadaptive_security_virtual_applianceMatch8.3.2.23
ORciscoadaptive_security_virtual_applianceMatch8.3.2.25
ORciscoadaptive_security_virtual_applianceMatch8.3.1.4
ORciscoadaptive_security_virtual_applianceMatch8.3.1.6
ORciscoadaptive_security_virtual_applianceMatch8.3.2.4
ORciscoadaptive_security_virtual_applianceMatch8.3.2.13
ORciscoadaptive_security_virtual_applianceMatch8.3.2.31
ORciscoadaptive_security_virtual_applianceMatch8.3.2.33
ORciscoadaptive_security_virtual_applianceMatch8.4.1
ORciscoadaptive_security_virtual_applianceMatch8.4.2
ORciscoadaptive_security_virtual_applianceMatch8.4.1.3
ORciscoadaptive_security_virtual_applianceMatch8.4.1.11
ORciscoadaptive_security_virtual_applianceMatch8.4.2.8
ORciscoadaptive_security_virtual_applianceMatch8.4.3
ORciscoadaptive_security_virtual_applianceMatch8.4.3.8
ORciscoadaptive_security_virtual_applianceMatch8.4.3.9
ORciscoadaptive_security_virtual_applianceMatch8.4.4
ORciscoadaptive_security_virtual_applianceMatch8.4.4.1
ORciscoadaptive_security_virtual_applianceMatch8.4.4.3
ORciscoadaptive_security_virtual_applianceMatch8.5.1
ORciscoadaptive_security_virtual_applianceMatch8.5.1.1
ORciscoadaptive_security_virtual_applianceMatch8.5.1.6
ORciscoadaptive_security_virtual_applianceMatch8.5.1.7
ORciscoadaptive_security_virtual_applianceMatch8.6.1.1
ORciscoadaptive_security_virtual_applianceMatch8.6.1
ORciscoadaptive_security_virtual_applianceMatch8.6.1.2
Related
nessus
nessus
Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20121010-asa)
2012-10-30 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco Firewall Services Module
2012-10-10 16:00:00
securityvulns
securityvulns
Cisco ASA / FWSM multiple security vulnerabilities
2012-10-15 00:00:00
nvd
nvd
prion
prion
Authentication flaw
2012-10-29 20:55:00
Command injection
2012-10-29 20:55:00
Design/Logic Flaw
2012-10-29 20:55:00
cvelist
cvelist
cve
cve
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:P/A:C
0.083 Low
EPSS
Percentile
94.4%
Related for CISCO-SA-20121010-ASA