Stack-based Buffer Overflow in Cisco Adaptive Security Appliances and Catalyst Switches
CVE-2012-4661

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; 7600 Router; Catalyst 6500
Vendor: CVE Published:; 29 October 2012

Summary

A stack-based buffer overflow has been identified in the DCERPC inspection engine found in Cisco Adaptive Security Appliances (ASA) 5500 series and Catalyst 6500 series devices. This vulnerability allows remote attackers to potentially execute arbitrary code by sending a specially crafted DCERPC packet. It affects various software versions across multiple products, demonstrating critical implications for network security and device integrity. Proper security measures and prompt updates are necessary to mitigate the risk associated with this vulnerability.

References

http://www.securityfocus.com/bid/55863

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/50857

third-party-advisoryx_refsource_SECUNIA

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012