Denial of Service Vulnerability in Cisco Adaptive Security Appliances and PIX Security Appliances
CVE-2011-0393

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; Asa 5500
Vendor: CVE Published:; 25 February 2011

Summary

A vulnerability exists in Cisco Adaptive Security Appliances (ASA) 5500 series and PIX Security Appliances 500 series devices when configured in transparent firewall mode without IPv6 support. This misconfiguration allows remote attackers to exploit the devices using IPv6 traffic, leading to denial of service from packet buffer exhaustion and, potentially, device outages. Customers should ensure that devices are properly configured to mitigate this risk.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1025108

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/43488

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011