PT-2005-4539 · Cisco · Cisco Asa

Amin Tora · Published 2005-11-24 · Updated 2023-08-11 · CVE-2005-3788

CVSS v2.0: 5.4 (Medium)

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco Adaptive Security Appliance (ASA) versions 7.0(0) through 7.0(4)

Description

The issue is related to a race condition that occurs when the Cisco Adaptive Security Appliance (ASA) is running with an Active/Standby configuration and the failover LAN interface fails. This allows remote attackers to cause a denial of service by sending spoofed ARP responses from an IP address of an active firewall, preventing the standby firewall from becoming active.

Recommendations

For Cisco Adaptive Security Appliance (ASA) versions 7.0(0) through 7.0(4), consider configuring the failover setup to use a more secure method to prevent spoofed ARP responses, and ensure that the standby firewall can become active even if the failover LAN interface fails. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2005-3788

Affected Products

Cisco Asa