Vulnerabilities > CVE-2010-0151 - Remote Denial of Service vulnerability in Cisco Firewall Services Module 4.0/4.0(4)/4.0(6)
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message. Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml "All non-fixed 4.x versions of Cisco FWSM Software are affected by this vulnerability if SCCP inspection is enabled. SCCP inspection is enabled by default."
Vulnerable Configurations
References
- http://osvdb.org/62432
- http://secunia.com/advisories/38621
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml
- http://www.securityfocus.com/bid/38274
- http://www.securitytracker.com/id?1023609
- http://www.vupen.com/english/advisories/2010/0418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56333