PT-2016-3713 · Cisco · Cisco ASA

Published: 2016-01-11 · Updated: 2023-08-11 · CVE-2015-6423

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Adaptive Security Appliance (ASA) Software versions 9.4.1 through 9.5.1

Description

The issue allows remote users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic. The flaw is in the DCERPC Inspection feature, which should allow only DCERPC traffic on TCP port 135; because of the issue, an unauthenticated, remote attacker could send non-DCERPC traffic between hosts configured only for DCERPC inspection.

Recommendations

For versions 9.4.1 through 9.5.1, consider restricting access to the DCERPC Inspection feature until a patch is available, and ensure that only DCERPC traffic is allowed on TCP port 135.

Related Identifiers

CVE-2015-6423

Affected Products

Cisco ASA