Vulnerabilities > CVE-2012-4643 - Resource Management Errors vulnerability in Cisco products
Summary
The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | CISCO |
NASL id | CISCO-SA-20121010-ASA.NASL |
description | The remote Cisco ASA is missing a security patch and, therefore, may be affected by the following issues : - A remote, unauthenticated attacker could cause a denial of service by sending specially crafted DHCP packets. (CVE-2012-4643) - When configured for Clientless or AnyConnect SSL VPN, receiving a specially crafted AAA response could cause a denial of service. (CVE-2012-4659) - A remote, unauthenticated attacker could cause a denial of service by sending a specially crafted SIP packet. (CVE-2012-4660) - A remote, unauthenticated attacker could execute arbitrary code by exploiting a stack-based buffer overflow in the DCERPC inspection engine. (CVE-2012-4661) - A remote, unauthenticated attacker could cause a denial of service by exploiting vulnerabilities in the DCERPC inspection engine. (CVE-2012-4662, CVE-2012-4663) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 62760 |
published | 2012-10-30 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/62760 |
title | Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20121010-asa) |