CVE-2012-0356

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.0 through 7.2 before 7.2(5.7) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.0 before 8.0(5.27) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.1 before 8.1(2.53) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 before 8.2(5.8) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 before 8.3(2.25) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.4 before 8.4(2.5) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.5 before 8.5(1.2) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 7.0 through 7.2 before 7.2(5.7) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.0 before 8.0(5.27) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.1 before 8.1(2.53) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.2 before 8.2(5.8) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.3 before 8.3(2.25) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.4 before 8.4(2.5) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.5 before 8.5(1.2) Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 3.1 Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 3.2 before 3.2(23) Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 4.0 Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 4.1 before 4.1(8)

Description The issue allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message when multicast routing is enabled.

Recommendations For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.0 through 7.2 before 7.2(5.7), update to version 7.2(5.7) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.0 before 8.0(5.27), update to version 8.0(5.27) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.1 before 8.1(2.53), update to version 8.1(2.53) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 before 8.2(5.8), update to version 8.2(5.8) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 before 8.3(2.25), update to version 8.3(2.25) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.4 before 8.4(2.5), update to version 8.4(2.5) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.5 before 8.5(1.2), update to version 8.5(1.2) or later. For Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, apply the same updates as for the Cisco Adaptive Security Appliances (ASA) 5500 series devices. For Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 3.1, update to version 3.2(23) or later. For Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 3.2 before 3.2(23), update to version 3.2(23) or later. For Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 4.0, update to version 4.1(8) or later. For Firewall Services Module (FWSM) in Cisco Catalyst 6500 series devices version 4.1 before 4.1(8), update to version 4.1(8) or later. As a temporary workaround, consider disabling multicast routing until a patch is available.