Remote Denial of Service Vulnerability in Cisco ASA 5500 and PIX 500 Security Appliances
CVE-2010-0149

Currently unrated

Key Information:

Vendor: Cisco
Status: Asa 5500; Pix 500
Vendor: CVE Published:; 19 February 2010

Summary

A vulnerability exists in the Cisco ASA 5500 Series Adaptive Security Appliances and the Cisco PIX 500 Series Security Appliance that allows remote attackers to execute a denial of service attack. This can be achieved through specially crafted TCP segments sent during the termination of a TCP connection, leading to a situation where the connection remains in a CLOSEWAIT state. This state prevents the establishment of new TCP connections, potentially disrupting network services.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/38275

vdb-entryx_refsource_BID

http://secunia.com/advisories/38618

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 19, 2010
Vulnerability Reserved
Jan 4, 2010