Denial of Service Vulnerability in Cisco Adaptive Security Appliances and Catalyst Devices
CVE-2012-4643

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; Catalyst 6500; Catalyst 6503-e
Vendor: CVE Published:; 29 October 2012

Summary

The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module in Cisco Catalyst 6500 series devices is susceptible to a denial of service vulnerability due to improper memory allocation for DHCP packets. This issue allows remote attackers to trigger device reloads by sending specially crafted IPv4 packets. The affected devices are running various software versions prior to the specified updates and can be exploited easily, resulting in potential service outages.

References

http://www.securityfocus.com/bid/55861

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://osvdb.org/86145

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012