CVE-2012-4661

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 through 8.3(2.33) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.4 through 8.4(4.3) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.5 through 8.5(1.12) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.6 through 8.6(1.2) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.3 through 8.3(2.33) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.4 through 8.4(4.3) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.5 through 8.5(1.12) Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices versions 8.6 through 8.6(1.2) Firewall Services Module (FWSM) 4.1 through 4.1(8)

Description A stack-based buffer overflow in the DCERPC inspection engine might allow remote attackers to execute arbitrary code via a crafted DCERPC packet. Successful exploitation could allow an unauthenticated remote attacker to trigger a reload of the affected device, and possibly cause a stack overflow and the execution of arbitrary commands.

Recommendations For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.3, update to version 8.3(2.34) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.4, update to version 8.4(4.4) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.5, update to version 8.5(1.13) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.6, update to version 8.6(1.3) or later. For Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.3, update to version 8.3(2.34) or later. For Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.4, update to version 8.4(4.4) or later. For Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.5, update to version 8.5(1.13) or later. For Cisco ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices version 8.6, update to version 8.6(1.3) or later. For Firewall Services Module (FWSM) 4.1, update to version 4.1(9) or later.