CVE-2012-4643

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 7.0 through 7.2(5.7) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 7.1 through 7.2(5.7) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 7.2 before 7.2(5.8) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.0 before 8.0(5.28) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.1 before 8.1(2.56) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.2 before 8.2(5.27) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.3 before 8.3(2.31) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.4 before 8.4(3.10) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.5 before 8.5(1.9) Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.6 before 8.6(1.5)

Description The DHCP server does not properly allocate memory for DHCP packets, allowing remote attackers to cause a denial of service via crafted IPv4 packets. Successful exploitation could allow an unauthenticated remote attacker to trigger a reload of the affected device.

Recommendations For versions 7.0 through 7.2(5.7), update to version 7.2(5.8) or later. For version 8.0 before 8.0(5.28), update to version 8.0(5.28) or later. For version 8.1 before 8.1(2.56), update to version 8.1(2.56) or later. For version 8.2 before 8.2(5.27), update to version 8.2(5.27) or later. For version 8.3 before 8.3(2.31), update to version 8.3(2.31) or later. For version 8.4 before 8.4(3.10), update to version 8.4(3.10) or later. For version 8.5 before 8.5(1.9), update to version 8.5(1.9) or later. For version 8.6 before 8.6(1.5), update to version 8.6(1.5) or later.