Vulnerability CVE-2011-3303
Published: 2011-10-06   Modified: 2012-02-13

Description:
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802.

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance software 
Cisco -> Firewall services module software 
Cisco -> 5500 series adaptive security appliance 
Cisco -> Asa 5500 
Cisco -> Catalyst 6500 
Cisco -> Catalyst 7600 

 References:
http://xforce.iss.net/xforce/xfdb/70329
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml
http://osvdb.org/76090
Copyright 2024, cxsecurity.com

 

Back to Top