Memory Leak Vulnerability in Cisco ASA and PIX Security Appliances
CVE-2008-3817

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix Security Appliance; Adaptive Security Appliance 5500 Series
Vendor: CVE Published:; 23 October 2008

Summary

A memory leak vulnerability exists in the Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances that could allow remote attackers to consume excessive memory, leading to potential denial of service. The issue arises from the initialization code for the hardware crypto accelerator, resulting in the devices becoming unresponsive when manipulated with a specific sequence of crafted packets. It is crucial for users and administrators to ensure their systems are updated to mitigate this risk.

References

http://www.securityfocus.com/bid/31865

vdb-entryx_refsource_BID

http://secunia.com/advisories/32392

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

Timeline

Vulnerability published
Oct 23, 2008
Vulnerability Reserved
Aug 27, 2008