Cisco Security Agent Packet Handling DoS

2005-07-13T12:04:53
ID OSVDB:17862
Type osvdb
Reporter Ben Collins()
Modified 2005-07-13T12:04:53

Description

Vulnerability Description

Cisco Security Agent contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends malformed packets to a CSA protected host, and will result in loss of availability for the host.

Technical Description

Vulnerability does not affect Cisco Security Agent 4.5 installed on Windows XP. Also does not affect the Solaris or Linux versions of the software.

Solution Description

Upgrade to version 4.5.1.616, hotfix version 4.5.0.573 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Cisco Security Agent contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends malformed packets to a CSA protected host, and will result in loss of availability for the host.

References:

Vendor Specific Advisory URL Security Tracker: 1014476 Secunia Advisory ID:16068 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-07/0207.html ISS X-Force ID: 21344 CVE-2005-2280