SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Device (Firewall)  >   Cisco ASA Vendors:   Cisco
Cisco ASA 5500 Series IPv6 Processing Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1027187
SecurityTracker URL:  http://securitytracker.com/id/1027187
CVE Reference:   CVE-2012-3058   (Links to External Site)
Date:  Jun 20 2012
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.4, 8.5, 8.6
Description:   A vulnerability was reported in Cisco ASA. A remote user can cause denial of service conditions.

A remote user can send specially crafted IPv6 data through the target device to cause the target device to reload.

Cisco has assigned Cisco bug ID CSCua27134 to this vulnerability.

The Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) is also affected.
Impact:   A remote user can cause the target device to reload.
Solution:   The vendor has issued a fix (8.4(4.1), 8.5(1.11), 8.6 (1.3)).

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6
Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6 (Links to External Site)
Cause:   Not specified
Underlying OS:  

Message History:   None.

 Source Message Contents
Date:  Wed, 20 Jun 2012 12:25:18 -0400
Subject:  Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst
6500 Series ASA Services Module Denial of Service Vulnerability

Advisory ID: cisco-sa-20120620-asaipv6

Revision 1.0

For Public Release 2012 June 20 16:00  UTC (GMT)
+---------------------------------------------------------------------
 
Summary
=======

Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and
Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a
vulnerability that may allow an unauthenticated, remote attacker to
cause the reload of the affected device.

Cisco has released free software updates that address this
vulnerability. Workarounds that mitigate this vulnerability are
available. 

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAk/hxbwACgkQQXnnBKKRMNDlHQD/ZgbXyT+BpLLekWVNXpDchrth
Ak5JDY58r4n1UxWAdvkA/A0mVVmObudC4/lut8eALOAzHFXPE1liRsUNACuEY1dU
=gzt0
-----END PGP SIGNATURE-----


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC