Vulnerabilities > CVE-2008-3816 - Denial of Service vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 3 |
Oval
| accepted | 2008-12-08T04:00:53.228-05:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | ||||
| family | pixos | ||||
| id | oval:org.mitre.oval:def:5499 | ||||
| status | accepted | ||||
| submitted | 2008-05-26T11:06:36.000-04:00 | ||||
| title | Cisco PIX and ASA IPv6 Denial of Service Vulnerability | ||||
| version | 2 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 31863 CVE(CAN) ID: CVE-2008-3816 PIX是一款防火墙设备,可为用户和应用提供策略强化、多载体攻击防护和安全连接服务;自适应安全设备(ASA)是可提供安全和VPN服务的模块化平台。 特制的IPv6报文可能导致支持IPv6的Cisco ASA和Cisco PIX安全设备重载。仅有发送到设备而不是经过设备的报文才可以触发这个漏洞,这些报文必须发送给配置了IPv6的接口。 Cisco PIX/ASA 7.2 临时解决方法: * 使用no ipv6 address接口子命令禁止处理IPv6报文。 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20081022-asa)以及相应补丁: cisco-sa-20081022-asa:Multiple Vulnerabilities in Cisco PIX and Cisco ASA 链接:<a href=http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml target=_blank>http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml</a> 补丁下载: <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/pix?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/pix?psrtdcat20e2</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/asa?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/asa?psrtdcat20e2</a> |
| id | SSV:4285 |
| last seen | 2017-11-19 |
| modified | 2008-10-23 |
| published | 2008-10-23 |
| reporter | Root |
| title | Cisco PIX及ASA设备IPv6拒绝服务漏洞 |
References
- http://secunia.com/advisories/32391
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml
- http://www.securityfocus.com/bid/31863
- http://www.securitytracker.com/id?1021086
- http://www.securitytracker.com/id?1021087
- http://www.vupen.com/english/advisories/2008/2899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46025
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5499