Cisco ASA Software Multiple Vulnerabilities

2013-04-10 / 2013-04-12
Credit: Cisco
Risk: Medium
Local: No
Remote: Yes
CWE: N/A

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20130410-asa Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +---------------------------------------------------------------------- Summary ======= Cisco ASA Software is affected by the following vulnerabilities: IKE Version 1 Denial of Service Vulnerability Crafted URL Denial of Service Vulnerability Denial of Service During Validation of Crafted Certificates DNS Inspection Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities may result in a reload of an affected device, leading to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa Note: The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by some of the vulnerabilities listed above. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm

References:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top