Denial of Service Vulnerability in Cisco Adaptive Security Appliances and Catalyst Devices
CVE-2012-4659

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; Catalyst 6500; Catalyst 6503-e
Vendor: CVE Published:; 29 October 2012

Summary

The AAA functionality in the IPv4 SSL VPN implementation found in Cisco Adaptive Security Appliances (ASA) 5500 series and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series can be exploited by remote attackers. By sending a specially crafted authentication response, an attacker can trigger a device reload, leading to a denial of service. Affected versions are prior to 8.2(5.30) and 8.3(2.34).

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/55865

vdb-entryx_refsource_BID

http://osvdb.org/86137

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012