Vulnerability CVE-2011-0394
Published: 2011-02-25   Modified: 2012-02-13

Description:
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance software 
Cisco -> 5500 series adaptive security appliance 
Cisco -> Asa 5500 
Cisco -> Firewall services module 
Cisco -> Pix 500 
Cisco -> Adaptive security appliance 
Cisco -> Firewall services module software 

 References:
http://xforce.iss.net/xforce/xfdb/65593
http://www.vupen.com/english/advisories/2011/0494
http://www.vupen.com/english/advisories/2011/0493
http://www.securitytracker.com/id?1025109
http://www.securitytracker.com/id?1025108
http://www.securityfocus.com/bid/46518
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml
http://secunia.com/advisories/43488
http://secunia.com/advisories/43453
Copyright 2024, cxsecurity.com

 

Back to Top