CVE-2012-4661

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; 7600 Router; Catalyst 6500
Vendor: CVE Published:; 29 October 2012

Summary

Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522.

References

http://www.securityfocus.com/bid/55863

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/50857

third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012