Jason Crowder

**Nome do Software Vulnerável e Versões Afetadas** Software Cisco Secure Firewall Adaptive Security Appliance (ASA) e Software Cisco Secure Firewall Threat Defense (FTD) (versões afetadas não especificadas) **Descrição** Uma falha existe na implementação do protocolo OSPF do software que poderia permitir que um atacante remoto e não autenticado interrompesse o serviço. O problema decorre do tratamento inadequado de pacotes do protocolo OSPF, levando à corrupção de memória. Um atacante pode explorar isso enviando pacotes OSPF especialmente elaborados para um dispositivo vulnerável. Uma exploração bem-sucedida pode causar a reinicialização do dispositivo, resultando em uma condição de negação de serviço (DoS). **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Software Cisco Secure Firewall ASA e Software Cisco Secure FTD (versões afetadas não especificadas) **Descrição** Existe uma falha no protocolo OSPF que pode permitir que um atacante com a chave secreta do OSPF, que esteja adjacente a um dispositivo afetado, cause o reinício inesperado do dispositivo, levando a uma condição de negação de serviço (DoS). Este problema é causado por corrupção de heap ao analisar pacotes dentro do serviço OSPF. Um atacante poderia explorar isso enviando pacotes manipulados ao serviço OSPF, potencialmente corrompendo o heap e acionando o reinício. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Cisco Secure Firewall ASA Software e Cisco Secure FTD Software (versões afetadas não especificadas) **Descrição** Existe uma vulnerabilidade no protocolo OSPF que pode permitir que um atacante próximo cause uma reinicialização inesperada de um dispositivo, resultando em uma negação de serviço. O problema decorre da validação inadequada de entradas ao processar pacotes de atualização OSPF. Um atacante poderia explorar isso enviando pacotes de atualização OSPF especialmente elaborados, possivelmente desencadeando um estouro de buffer e fazendo com que o dispositivo seja reinicializado. Se a autenticação OSPF estiver habilitada, o atacante precisa conhecer a chave secreta para explorar com sucesso essa vulnerabilidade. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** Software Cisco Secure Firewall ASA (versões afetadas não especificadas) Software Cisco Secure FTD (versões afetadas não especificadas) **Descrição** Existe uma falha no protocolo OSPF do Software Cisco Secure Firewall ASA e do Software Cisco Secure FTD. Um atacante não autenticado e adjacente pode acionar uma reinicialização inesperada do dispositivo, levando a uma condição de negação de serviço (DoS) quando a depuração de canonicalização OSPF está habilitada usando o comando `debug ip ospf canon`. Isso é causado por validação de entrada inadequada ao processar pacotes OSPF Link State Update (LSU). Um atacante poderia explorar isso enviando pacotes OSPF especialmente elaborados, potencialmente permitindo-lhes escrever na memória fora da área alocada para os dados do pacote, resultando na reinicialização do dispositivo e DoS. **Recomendações** Atualmente, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 (affected versions not specified) **Description** Improper error checking during VBA data decompression in the Snort 3 VBA feature can allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash, resulting in a denial-of-service (DoS) condition. An attacker can exploit these issues by sending crafted VBA data to the Snort 3 Detection Engine. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 (affected versions not specified) **Description** A flaw exists in the Snort 3 Visual Basic for Applications (VBA) feature that could allow a remote, unauthenticated attacker to crash the Snort 3 Detection Engine. This is caused by insufficient error checking during VBA data decompression. An attacker could exploit this by sending specially crafted VBA data to the engine, leading to a denial of service (DoS) condition and unexpected restarts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 (affected versions not specified) **Description** A flaw exists in the Snort 3 VBA feature that may allow a remote, unauthenticated attacker to crash the Snort 3 Detection Engine. This is caused by insufficient error checking during VBA data decompression. An attacker could exploit this by sending specially crafted VBA data to the engine, potentially leading to a denial-of-service (DoS) condition where the engine enters an infinite loop. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco products (affected versions not specified) **Description** A flaw exists in the Snort 3 detection engine that may allow a remote attacker to disrupt packet inspection. This is caused by insufficient error checking during the parsing of remote procedure call (RPC) data. An attacker could exploit this by sending specially crafted RPC packets through an existing connection, potentially leading to a denial-of-service (DoS) condition as the Snort 3 Detection Engine restarts unexpectedly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the OSPF protocol implementation of the software that could allow a nearby, authorized attacker to deplete device memory, leading to a denial of service. This is caused by improper input validation when processing OSPF packets. An attacker can exploit this by sending specially crafted OSPF packets to the device. A successful exploit could exhaust memory, resulting in a denial of service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified) **Description** A flaw exists in the IKEv2 feature that may allow a remote, unauthenticated attacker to trigger a denial-of-service (DoS) condition on a vulnerable device. This could also impact the availability of services to other devices on the network. The issue stems from a failure to release memory during IKEv2 packet processing, leading to memory exhaustion when crafted IKEv2 packets are sent to the device. A successful exploit could exhaust system resources, resulting in a DoS condition that requires manual device reloading. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the Remote Access SSL VPN, HTTP management, and MUS functionality that could allow a remote, unauthenticated attacker to deplete device memory, leading to a denial of service (DoS) condition and requiring a manual reboot. This is caused by a failure to validate user-supplied input. An attacker could exploit this by transmitting specially crafted packets to the Remote Access SSL VPN server, potentially causing the device to become unresponsive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Management Center (FMC) Software (affected versions not specified) **Description** A flaw exists in the lockdown mechanism of the software that may allow a local attacker with valid administrative credentials to execute arbitrary commands as root. The issue stems from inadequate restrictions on remediation modules when the system is in lockdown mode. Exploitation involves sending crafted input to the system command-line interface (CLI). A successful exploit could enable an attacker to run arbitrary commands or code with root privileges, even while the system is in lockdown. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the Remote Access SSL VPN functionality that could allow a remote, unauthenticated attacker to cause a denial of service (DoS) condition affecting new Remote Access SSL VPN connections by exhausting device memory. This issue stems from a failure to validate user-supplied input. An attacker could exploit this by sending specially crafted packets to the Remote Access SSL VPN server, potentially causing the device web interface to become unresponsive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified) **Description** A flaw exists in the IKEv2 feature that may allow a remote attacker to disrupt service availability. The issue stems from a memory leak during the processing of IKEv2 packets. An attacker could exploit this by sending specially crafted IKEv2 packets, potentially exhausting system resources and causing a denial-of-service (DoS) condition requiring a manual device reload. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified) **Description** A flaw exists in the IKEv2 feature that may allow a remote attacker with valid VPN user credentials to trigger a denial-of-service (DoS) condition. This issue stems from improper handling of IKEv2 packets. An attacker could exploit this by sending specially crafted, authenticated IKEv2 packets to a vulnerable device, potentially exhausting memory and causing a reload. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software (affected versions not specified) **Description** A flaw exists in the Remote Access SSL VPN functionality that may allow a remote attacker with a valid VPN connection to deplete device memory, leading to a denial of service (DoS) condition. The issue stems from a lack of input validation, enabling an attacker to exploit the system by transmitting specially crafted packets to the Remote Access SSL VPN server. A successful exploit could force the device to reload, resulting in a DoS condition. This does not impact the management or MUS interfaces. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 (affected versions not specified) **Description** A flaw exists in the Snort 3 VBA feature that may allow a remote attacker to cause the Snort 3 Detection Engine to crash. This is due to improper range checking during the decompression of VBA data, which is controlled by the user. An attacker could exploit this by sending crafted VBA data to the Snort 3 Detection Engine, potentially leading to a heap data overflow and a denial-of-service (DoS) condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 Detection Engine (affected versions not specified) **Description** A flaw exists in the Snort 3 detection engine that may allow a remote attacker to disrupt packet inspection. This is due to insufficient validation when processing Multicast DNS fields within HTTP headers. An attacker could exploit this by sending specially crafted HTTP packets through an existing connection, potentially causing the Snort 3 Detection Engine to restart and leading to a denial-of-service (DoS) condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort 3 Detection Engine (affected versions not specified) **Description** A flaw exists in the Snort 3 Detection Engine that may allow a remote attacker to disrupt packet inspection. This is due to an error in the JSTokenizer normalization logic when handling JavaScript during HTTP inspection. An attacker could exploit this by sending specially crafted HTTP packets through an existing connection. Successful exploitation could lead to a denial-of-service condition as the Snort 3 Detection Engine unexpectedly restarts. JSTokenizer is not enabled by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** Cisco Secure Firewall ASA Software e Cisco Secure FTD Software (versões afetadas não especificadas) **Descrição** Uma vulnerabilidade no protocolo OSPF pode permitir que um atacante autenticado e adjacente cause uma reinicialização inesperada do dispositivo, resultando em uma condição de negação de serviço (DoS). O problema decorre da validação inadequada de entrada ao processar pacotes de atualização de estado de link OSPF (LSU). Um atacante poderia explorar essa vulnerabilidade enviando pacotes LSU OSPF especialmente criados, possivelmente corrompendo o heap e acionando a negação de serviço. Para explorar com sucesso, o atacante deve possuir a chave secreta OSPF. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.