Vulnerabilities > CVE-2007-2461 - Unspecified vulnerability in Cisco Adaptive Security Appliance Software and PIX
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 1 | |
OS | 1 |
References
- http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html
- http://www.kb.cert.org/vuls/id/530057
- http://www.securityfocus.com/bid/23763
- http://www.securitytracker.com/id?1017999
- http://www.securitytracker.com/id?1018000
- http://secunia.com/advisories/25109
- http://www.osvdb.org/35330
- http://www.vupen.com/english/advisories/2007/1635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34026