CVE-2012-0353

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.0 through 8.0(5.24) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.1 through 8.1(2.49) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.2 through 8.2(5.4) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.3 through 8.3(2.21) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.4 through 8.4(2.0) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.5 through 8.5(1.1)

Description The UDP inspection engine does not properly handle flows, allowing remote attackers to cause a denial of service (device reload) via a crafted series of IPv4 or IPv6 UDP packets.

Recommendations For versions 8.0 through 8.0(5.24), update to version 8.0(5.25) or later. For versions 8.1 through 8.1(2.49), update to version 8.1(2.50) or later. For versions 8.2 through 8.2(5.4), update to version 8.2(5.5) or later. For versions 8.3 through 8.3(2.21), update to version 8.3(2.22) or later. For versions 8.4 through 8.4(2.0), update to version 8.4(2.1) or later. For versions 8.5 through 8.5(1.1), update to version 8.5(1.2) or later.