PT-2016-6906 · Cisco · Cisco ASA

Published: 2016-10-19 · Updated: 2023-08-15 · CVE-2016-6432

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco ASA Software versions prior to 9.6(2.1)

Description

A buffer overflow in the Identity Firewall feature could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability can be exploited by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software, allowing the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. This issue affects systems configured in routed and transparent firewall mode and in single or multiple context mode, and can be triggered by IPv4 traffic.

Recommendations

For versions prior to 9.6(2.1), update to version 9.6(2.1) or later to resolve the issue. As a temporary workaround, consider restricting access to the Identity Firewall feature until a patch is available. Avoid using the affected feature in production environments until the issue is resolved.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2016-6432

Affected Products

Cisco ASA