Vulnerabilities > CVE-2010-0567 - Denial of Service vulnerability in Cisco ASA 5500 IKE Message

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 2010-02-19

Updated: 2017-08-17

Summary

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782.

Vulnerable Configurations

Part	Description	Count
Hardware	Cisco Cisco ASA 5500 7.1 Cisco ASA 5500 7.2 Cisco ASA 5500 8.0 Cisco ASA 5500 8.1 Cisco ASA 5500 8.2 Cisco PIX 500 *	6

References

http://osvdb.org/62436
http://secunia.com/advisories/38618
http://secunia.com/advisories/38636
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
http://www.securityfocus.com/bid/38279
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415
https://exchange.xforce.ibmcloud.com/vulnerabilities/56341