Denial of Service Vulnerability in Cisco Adaptive Security Appliances and Catalyst Series Devices
CVE-2012-4660

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; Catalyst 6500; Catalyst 6503-e
Vendor: CVE Published:; 29 October 2012

Summary

The SIP inspection engine present in Cisco Adaptive Security Appliances (ASA) 5500 series and the ASA Services Module (ASASM) in Catalyst 6500 series devices can be exploited by remote attackers through specially crafted SIP media-update packets. This exploitation can lead to a denial of service, resulting in a device reload. Multiple software versions on these devices prior to certain updates remain vulnerable, highlighting the necessity for timely updates to mitigate such risks.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/55864

vdb-entryx_refsource_BID

http://osvdb.org/86144

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012