Denial of Service Vulnerability in Cisco ASA 5500 Series Devices
CVE-2011-4006

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance
Vendor: CVE Published:; 2 May 2012

Summary

The ESMTP inspection feature in Cisco's Adaptive Security Appliances (ASA) 5500 series can be exploited by remote attackers to induce excessive CPU usage, effectively resulting in a denial of service. This occurs through an unspecified closing sequence that triggers a bug (ID CSCtt32565). Devices running software versions 8.2 through 8.5 are particularly susceptible, making timely updates imperative to maintain security and performance.

References

http://www.securitytracker.com/id?1027008

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/web/software/283878312/88166/ASA-851...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 2, 2012
Vulnerability Reserved
Oct 6, 2011