Lucene search
RootSSV:4286HistoryOct 23, 2008 - 12:00 a.m.
Cisco ASA设备加密加速器内存破坏拒绝服务漏洞
2008-10-2300:00:00
Root
www.seebug.org
12
0.02 Low
EPSS
Percentile
87.5%
BUGTRAQ ID: 31865
CVE(CAN) ID: CVE-2008-3817
Cisco自适应安全设备(ASA)是可提供安全和VPN服务的模块化平台。
如果向Cisco ASA安全设备发送了一系列特制报文的话,就可能在硬件加密加速器的初始化代码中触发内存泄露,导致拒绝服务的情况。仅有发送到设备而不是经过设备的报文才可以触发这个漏洞。
Cisco ASA 8.1
Cisco ASA 8.0
Cisco
Cisco已经为此发布了一个安全公告(cisco-sa-20081022-asa)以及相应补丁:
cisco-sa-20081022-asa:Multiple Vulnerabilities in Cisco PIX and Cisco ASA
链接:<a href=“http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml” target=“_blank”>http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml</a>
补丁下载:
<a href=“http://www.cisco.com/pcgi-bin/tablebuild.pl/asa?psrtdcat20e2” target=“_blank”>http://www.cisco.com/pcgi-bin/tablebuild.pl/asa?psrtdcat20e2</a>
Related
prion
prion
Memory corruption
2008-10-23 22:00:00
cve
cve
CVE-2008-3817
2008-10-23 22:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco PIX and Cisco ASA
2008-10-22 16:00:00
securityvulns
securityvulns
Cisco PIX / ASA multiple security vulnerabilities
2008-10-23 00:00:00
Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
2008-10-23 00:00:00