
Cisco ASA Multiple Vulnerabilities

Last Update Date: 11 Oct 2012 11:42
Release Date: 11 Oct 2012

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance


Multiple vulnerabilities have been identified in Cisco ASA. A remote user can execute arbitrary code on the target system and cause denial-of-service conditions.

  1. A remote user can send specially crafted DHCP data via IPv4 to the DHCP server on the target device or through the target device to trigger a memory allocation error and cause the target device to reload.
  2. A remote user can send a specially crafted response to an AAA challenge via IPv4 on an SSL VPN connection to cause the target device to reload. Cisco ASA Software configured for Clientless or AnyConnect SSL VPN is affected. IPsec VPN Server, IPsec/L2TP VPN Server, or IKEv2 AnyConnect server configurations are not affected.
  3. A remote user can send specially crafted SIP packets (as part of an established SIP session) through the target device to cause the target device to reload.
  4. A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload.
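
To triage which of the four issues above a given device may be exposed to, its saved configuration can be checked for the feature each item names. The following is an added example, not part of the original advisory or of Cisco's tooling; the ASA configuration commands it matches (`dhcpd enable`, `dhcprelay enable`, top-level `webvpn` with `enable <interface>`, `inspect sip`, `inspect dcerpc`) and the sample configuration are assumptions of this example.

```python
import re

# Feature checks keyed by the advisory's item numbers. The ASA configuration
# commands matched here are assumptions of this example, not from the advisory.
SIMPLE_CHECKS = {
    1: ("DHCP server or relay", re.compile(r"^(dhcpd|dhcprelay) enable \S+", re.M)),
    3: ("SIP inspection", re.compile(r"^\s+inspect sip\b", re.M)),
    4: ("DCERPC inspection", re.compile(r"^\s+inspect dcerpc\b", re.M)),
}

def ssl_vpn_interfaces(config):
    """Return interfaces with 'enable <ifc>' inside the top-level webvpn block."""
    interfaces, in_webvpn = [], False
    for line in config.splitlines():
        if not line.startswith(" "):          # a top-level line starts a new block
            in_webvpn = line.strip() == "webvpn"
        elif in_webvpn:
            m = re.match(r"\s+enable (\S+)", line)
            if m:
                interfaces.append(m.group(1))
    return interfaces

def exposed_items(config):
    """Map advisory item number -> reason the feature looks enabled."""
    found = {}
    for item, (label, pattern) in SIMPLE_CHECKS.items():
        m = pattern.search(config)
        if m:
            found[item] = f"{label}: '{m.group(0).strip()}'"
    ifcs = ssl_vpn_interfaces(config)
    if ifcs:
        found[2] = "SSL VPN enabled on: " + ", ".join(ifcs)
    return dict(sorted(found.items()))

# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """\
dhcpd enable inside
policy-map global_policy
 class inspection_default
  inspect sip
webvpn
 enable outside
 anyconnect enable
group-policy DfltGrpPolicy attributes
 webvpn
  url-list none
"""

print(exposed_items(SAMPLE_CONFIG))
```

A match only shows that the feature is configured; whether the running software release is affected has to be taken from the vendor's advisory.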

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • ASA 5500 Series, Cisco Catalyst 6500 Series ASA Services Module

Solutions

Before installing the software, please visit the software manufacturer's website for more details.


Vulnerability Identifier


Source


Related Link