CVE-2012-4659

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 before 8.2(5.30) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 before 8.3(2.34) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.2 before 8.2(5.30) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.3 before 8.3(2.34)

Description The issue allows remote attackers to cause a denial of service via a crafted authentication response. Successful exploitation could allow an unauthenticated remote attacker to trigger a reload of the affected device. Additionally, exploitation could cause a stack overflow and possibly the execution of arbitrary commands.

Recommendations For versions 8.2 before 8.2(5.30), update to version 8.2(5.30) or later. For versions 8.3 before 8.3(2.34), update to version 8.3(2.34) or later. As a temporary workaround, consider restricting access to the AAA functionality until a patch is available.