what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Advisory 20150408-asa

Cisco Security Advisory 20150408-asa
Posted Apr 9, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by command injection, memory exhaustion, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 002287a420933aae31fd15f0d7d5940f2f4023cf6588b7d6edf90aa5cb93c2d2

Cisco Security Advisory 20150408-asa

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco ASA Software

Advisory ID: cisco-sa-20150408-asa

Revision 1.0

For Public Release 2015 April 8 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities:

Cisco ASA Failover Command Injection Vulnerability
Cisco ASA DNS Memory Exhaustion Vulnerability
Cisco ASA VPN XML Parser Denial of Service Vulnerability

Successful exploitation of the Cisco ASA Failover Command Injection Vulnerability would allow an attacker to submit failover commands to the failover units, which may result in an attacker taking full control of the systems.

Successful exploitation of the Cisco ASA DNS Memory Exhaustion Vulnerability may result in system instability and dropped traffic.

Successful exploitation of the Cisco ASA VPN XML Parser Denial of Service Vulnerability may result in a crash of the WebVPN process, which may lead to the reset of all SSL VPN connections, system instability, and a reload of the affected system.


Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available for the Cisco ASA Failover Command Injection Vulnerability and Cisco ASA DNS Memory Exhaustion Vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVSVT84pI1I6i1Mx3AQJwxw//as14VQOywXvym9zWeAnTr/znAvfoBlKx
W4GkFk+00lI7n39cc9AD4qsTSBi+LJjDSc/Qsp2ocJVislsTrE57KG4oPP9mQS7f
1RU7Z8eDZLYH5rcU/Gb7dahIs0GLNr3ZO4m1ArA01J49W5wCN6R6PL4Qt2H41RNT
+/Xo+ULufjKEIub+6hqsF4AyTB3Hg/S8u/NHrRn6xi+SPUv83JwAPTGRiJjZkWrD
Q7N7vLTTj6kNhtDbn2AO0N5j0ZfHf/DAPs6lsR3Q7tcF+eJVMEKNFczSQWCWEiq4
gejIu6Hg4dY6gZsr+0aGx9plPYdp4Ofeu8JrhSPQbkUcnZ7RUjKnPwMcUIvETG3C
0FGsFsEC2DQtJJ8/SRDHWfDEb2p+ROlqGVKmGaYoavxFdPPOlvBDo4Mmhiy61Y5y
orjqJk7iCBAv8VUDp9H6A1TkewXA6VHXKpXKbZ3vx+/JsmqQb1cSKVfSQMiiGPu/
+0OHZvyaOh2GGGnit6qk1/1sUerDZNLjlTeQ+TYDwPRGIeduwJfibnaXLp9wOkTv
UoicR7laeB9oqwWpUxzmH6J5NrFdb2rP8ZgH8f1QDB3bHAJFmQ4Pp9ZkhydEMxAH
7ZyK2FmwElXVrqd7tqgrY5VUcsgKwTH6/SRD7Et+MAAhKFueDKQC3FJkfELzUk9D
h4MUiEy8rJ0=
=n67F
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close