Lucene search

CiscoCISCO-SA-20121010-FWSM

HistoryOct 10, 2012 - 4:00 p.m.

Multiple Vulnerabilities in Cisco Firewall Services Module

2012-10-1016:00:00

tools.cisco.com

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:P/A:C

0.083 Low

EPSS

Percentile

94.4%

JSON

The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the
following vulnerabilities:

DCERPC Inspection Buffer Overflow Vulnerability

DCERPC Inspection Denial Of Service Vulnerabilities

These vulnerabilities are not interdependent; a release that is
affected by one vulnerability is not necessarily affected by the
other.

Exploitation of these vulnerabilities could allow an unauthenticated,
remote attacker to trigger a reload of the affected device, or to execute arbitrary commands. Repeated
exploitation could result in a denial of service (DoS) condition.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm”]

Note: The Cisco Catalyst 6500 Series ASA Services Module, and the Cisco ASA 5500 Series Adaptive Security Appliance may also be affected by these vulnerabilities.

The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA Services Module and Cisco ASA 5500 Series Adaptive Security Appliance have been disclosed in a separate Cisco Security Advisory. The Advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa”]

Affected configurations

Vulners

Node

ciscopix_firewallMatchany

ciscoadaptive_security_virtual_applianceMatch8.3

ciscoadaptive_security_virtual_applianceMatch8.4

ciscoadaptive_security_virtual_applianceMatch8.5

ciscoadaptive_security_virtual_applianceMatch8.6

ciscopix_firewallMatchany

ciscoadaptive_security_virtual_applianceMatch8.3.1.1

ciscoadaptive_security_virtual_applianceMatch8.3.1

ciscoadaptive_security_virtual_applianceMatch8.3.2

ciscoadaptive_security_virtual_applianceMatch8.3.2.23

ciscoadaptive_security_virtual_applianceMatch8.3.2.25

ciscoadaptive_security_virtual_applianceMatch8.3.1.4

ciscoadaptive_security_virtual_applianceMatch8.3.1.6

ciscoadaptive_security_virtual_applianceMatch8.3.2.4

ciscoadaptive_security_virtual_applianceMatch8.3.2.13

ciscoadaptive_security_virtual_applianceMatch8.3.2.31

ciscoadaptive_security_virtual_applianceMatch8.3.2.33

ciscoadaptive_security_virtual_applianceMatch8.4.1

ciscoadaptive_security_virtual_applianceMatch8.4.2

ciscoadaptive_security_virtual_applianceMatch8.4.1.3

ciscoadaptive_security_virtual_applianceMatch8.4.1.11

ciscoadaptive_security_virtual_applianceMatch8.4.2.8

ciscoadaptive_security_virtual_applianceMatch8.4.3

ciscoadaptive_security_virtual_applianceMatch8.4.3.8

ciscoadaptive_security_virtual_applianceMatch8.4.3.9

ciscoadaptive_security_virtual_applianceMatch8.4.4

ciscoadaptive_security_virtual_applianceMatch8.4.4.1

ciscoadaptive_security_virtual_applianceMatch8.4.4.3

ciscoadaptive_security_virtual_applianceMatch8.5.1

ciscoadaptive_security_virtual_applianceMatch8.5.1.1

ciscoadaptive_security_virtual_applianceMatch8.5.1.6

ciscoadaptive_security_virtual_applianceMatch8.5.1.7

ciscoadaptive_security_virtual_applianceMatch8.6.1.1

ciscoadaptive_security_virtual_applianceMatch8.6.1

ciscoadaptive_security_virtual_applianceMatch8.6.1.2

CPENameOperatorVersion
cisco firewall services module (fwsm)eqany
cisco adaptive security appliance (asa) softwareeq8.3
cisco adaptive security appliance (asa) softwareeq8.4
cisco adaptive security appliance (asa) softwareeq8.5
cisco adaptive security appliance (asa) softwareeq8.6
cisco firewall services module (fwsm)eqany
cisco adaptive security appliance (asa) softwareeq8.3.1.1
cisco adaptive security appliance (asa) softwareeq8.3.1
cisco adaptive security appliance (asa) softwareeq8.3.2
cisco adaptive security appliance (asa) softwareeq8.3.2.23

Name	Operator	Version
cisco firewall services module (fwsm)	eq	any
cisco adaptive security appliance (asa) software	eq	8.3
cisco adaptive security appliance (asa) software	eq	8.4
cisco adaptive security appliance (asa) software	eq	8.5
cisco adaptive security appliance (asa) software	eq	8.6
cisco firewall services module (fwsm)	eq	any
cisco adaptive security appliance (asa) software	eq	8.3.1.1
cisco adaptive security appliance (asa) software	eq	8.3.1
cisco adaptive security appliance (asa) software	eq	8.3.2
cisco adaptive security appliance (asa) software	eq	8.3.2.23