PT-2009-3266 · Cisco · Cisco Ace Application Control Engine Module+3

Publicado

2009-02-26

·

Atualizado

2009-03-03

·

CVE-2009-0625

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers versions prior to A2(1.2) Cisco ACE 4710 Application Control Engine Appliance versions prior to A1(8.0)
Description The issue allows remote attackers to cause a denial of service, resulting in a device reload, by sending a crafted SNMPv3 packet.
Recommendations For Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers versions prior to A2(1.2), update to version A2(1.2) or later. For Cisco ACE 4710 Application Control Engine Appliance versions prior to A1(8.0), update to version A1(8.0) or later.

Correção

DoS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2009-0625

Produtos afetados

7600 Routers
Catalyst 6500 Switches
Cisco Ace 4710 Application Control Engine Appliance
Cisco Ace Application Control Engine Module