DCERPC Denial of Service Vulnerability in Cisco Adaptive Security Appliances and Catalyst Switches
CVE-2012-4662

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; 7600 Router; Catalyst 6500
Vendor: CVE Published:; 29 October 2012

Summary

The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series and ASA Services Module (ASASM) in Catalyst 6500 series has a vulnerability that permits remote attackers to trigger a denial of service through specially crafted DCERPC packets. This could lead to a reload of the affected devices, disrupting network services and potentially exposing networks to further attacks. Versions before 8.3(2.25), 8.4(2.5), 8.5(1.13) on ASA devices and versions before 4.1(7) on FWSM in Catalyst switches are specifically impacted.

References

http://www.securityfocus.com/bid/55862

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/79174

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 29, 2012
Vulnerability Reserved
Aug 24, 2012