Podatność CVE-2012-0356
Publikacja: 2012-03-14   Modyfikacja: 2012-03-15

Opis:
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367.

Typ:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.8/10
6.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Pełny
Affected software
Cisco -> Adaptive security appliance software 
Cisco -> Firewall services module software 
Cisco -> 5500 series adaptive security appliance 
Cisco -> Catalyst 6500 
Cisco -> Catalyst 6503-e 
Cisco -> Catalyst 6504-e 
Cisco -> Catalyst 6506-e 
Cisco -> Catalyst 6509-e 
Cisco -> Catalyst 6509-neb-a 
Cisco -> Catalyst 6509-v-e 
Cisco -> Catalyst 6513 
Cisco -> Catalyst 6513-e 
Cisco -> Firewall services module 

 Referencje:
http://osvdb.org/80041
http://secunia.com/advisories/48421
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm
http://www.securitytracker.com/id?1026798
http://www.securitytracker.com/id?1026800
https://exchange.xforce.ibmcloud.com/vulnerabilities/74028
Copyright 2024, cxsecurity.com

 

Back to Top