Vulnerability CVE-2012-0356
Published: 2012-03-14   Modified: 2012-03-15

Description:
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance software 
Cisco -> Firewall services module software 
Cisco -> 5500 series adaptive security appliance 
Cisco -> Catalyst 6500 
Cisco -> Catalyst 6503-e 
Cisco -> Catalyst 6504-e 
Cisco -> Catalyst 6506-e 
Cisco -> Catalyst 6509-e 
Cisco -> Catalyst 6509-neb-a 
Cisco -> Catalyst 6509-v-e 
Cisco -> Catalyst 6513 
Cisco -> Catalyst 6513-e 
Cisco -> Firewall services module 

 References:
http://osvdb.org/80041
http://secunia.com/advisories/48421
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm
http://www.securitytracker.com/id?1026798
http://www.securitytracker.com/id?1026800
https://exchange.xforce.ibmcloud.com/vulnerabilities/74028
Copyright 2024, cxsecurity.com

 

Back to Top