PT-2012-5530 · Cisco · Asa Services Module+2

Published

2012-10-10

·

Updated

2023-08-15

·

CVE-2012-4660

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 through 8.2(5.16) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 through 8.3(2.27) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.4 through 8.4(2.12) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.5 through 8.5(1.3) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.6 through 8.6(1.4) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.2 through 8.2(5.16) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.3 through 8.3(2.27) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.4 through 8.4(2.12) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.5 through 8.5(1.3) ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.6 through 8.6(1.4)
Description The issue allows remote attackers to cause a denial of service (device reload) via a crafted SIP media-update packet. Successful exploitation could allow an unauthenticated remote attacker to trigger a reload of the affected device. Additionally, exploitation could cause a stack overflow and possibly the execution of arbitrary commands.
Recommendations For versions 8.2 through 8.2(5.16), update to version 8.2(5.17) or later. For versions 8.3 through 8.3(2.27), update to version 8.3(2.28) or later. For versions 8.4 through 8.4(2.12), update to version 8.4(2.13) or later. For versions 8.5 through 8.5(1.3), update to version 8.5(1.4) or later. For versions 8.6 through 8.6(1.4), update to version 8.6(1.5) or later. As a temporary workaround, consider restricting access to the SIP inspection engine until a patch is available.

Fix

DoS

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-4660

Affected Products

Asa Services Module
Cisco Asa
Cisco Catalyst 6500