Vulnerability CVE-2011-3304
Published: 2011-10-06   Modified: 2012-02-13

Description:
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device reload) via crafted MSN Instant Messenger traffic, aka Bug ID CSCtl67486.

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance software 
Cisco -> 5500 series adaptive security appliance 
Cisco -> Asa 5500 
Cisco -> Catalyst 6500 
Cisco -> Catalyst 7600 

 References:
http://xforce.iss.net/xforce/xfdb/70334
http://www.securityfocus.com/bid/49952
http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml
http://osvdb.org/76091
Copyright 2024, cxsecurity.com

 

Back to Top