David Barksdale

**Nome do software vulnerável e versões afetadas** Wind River VxWorks, versões 6.5 a 7 **Descrição** Uma sobrecarga de buffer na pilha do cliente DNS, na função `ipdnsc decode name()`, afeta o software. Este problema afeta apenas produtos que não são mais suportados pelo mantenedor. **Recomendações** Para as versões 6.5 a 7, como essas versões não são mais suportadas, não há informações sobre uma versão mais recente que contenha uma correção para este problema.

**Name of the Vulnerable Software and Affected Versions** Cisco Adaptive Security Appliance versions prior to 8.4(7.30) Cisco Adaptive Security Appliance versions prior to 8.7(1.18) Cisco Adaptive Security Appliance versions prior to 9.0(4.38) Cisco Adaptive Security Appliance versions prior to 9.1(7) Cisco Adaptive Security Appliance versions prior to 9.2(4.5) Cisco Adaptive Security Appliance versions prior to 9.3(3.7) Cisco Adaptive Security Appliance versions prior to 9.4(2.4) Cisco Adaptive Security Appliance versions prior to 9.5(2.2) **Description** The issue is caused by a buffer overflow in the IKEv1 and IKEv2 implementations, which can be exploited by sending specially crafted UDP packets. This may allow a remote attacker to execute arbitrary code or cause a denial of service, resulting in a device reload. **Recommendations** For versions prior to 8.4(7.30), update to 8.4(7.30) or later. For versions prior to 8.7(1.18), update to 8.7(1.18) or later. For versions prior to 9.0(4.38), update to 9.0(4.38) or later. For versions prior to 9.1(7), update to 9.1(7) or later. For versions prior to 9.2(4.5), update to 9.2(4.5) or later. For versions prior to 9.3(3.7), update to 9.3(3.7) or later. For versions prior to 9.4(2.4), update to 9.4(2.4) or later. For versions prior to 9.5(2.2), update to 9.5(2.2) or later. As a temporary workaround, consider restricting access to UDP packets to minimize the risk of exploitation.