Attack: Cisco Adaptive Security Appliance Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

Attackers can exploit this issue to execute arbitrary code or cause a reload of the affected device, resulting in denial-of-service conditions.

Additional Information

Cisco Adaptive Security Appliance products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied data. Specifically, this issue affects the Simple Network Management Protocol (SNMP) code. An attacker could exploit this issue by sending specially crafted SNMP packets to the affected system.

Note #1: To exploit this issue, an attacker must know the SNMP community string.

Note #2: Successfully exploiting this issue requires an attacker to direct traffic to the affected system. This issue affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This issue can be triggered by IPv4 traffic only.

This issue is being tracked by Cisco Bug ID CSCva92151.
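
Notes #1 and #2 tie exploitation to knowledge of the SNMP community string and to IPv4 traffic reaching the device, so a useful defensive check is an inventory of where an ASA configuration permits community-based SNMP. The script below is an added example, not part of the original entry or any Cisco tooling; the snmp-server line layout it parses, the sample configuration, and the GUESSABLE list are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the style of ASA running-config lines (not from the page).
SAMPLE_CONFIG = """\
snmp-server host inside 192.0.2.10 poll community public version 2c
snmp-server host mgmt 192.0.2.20 trap community N0t-Gu3ssable version 2c
snmp-server host mgmt 192.0.2.30 version 3 monitor-user
snmp-server host dmz 192.0.2.40
snmp-server community private
"""

GUESSABLE = {"public", "private"}  # assumption: widely known default strings

HOST_RE = re.compile(
    r"^snmp-server host (?P<ifname>\S+) (?P<addr>\S+)"
    r"(?: (?P<mode>poll|trap))?"
    r"(?: community (?P<community>\S+))?"
    r"(?: version (?P<version>1|2c|3))?"
)
DEFAULT_RE = re.compile(r"^snmp-server community (\S+)$")


def audit_snmp(config_text):
    """Return one finding per manager that uses community-based SNMP."""
    lines = [line.strip() for line in config_text.splitlines()]
    # A global community string applies to hosts that do not set their own.
    default = next((m.group(1) for m in map(DEFAULT_RE.match, lines) if m), None)
    findings = []
    for line in lines:
        m = HOST_RE.match(line)
        if not m or m.group("version") == "3":
            continue  # SNMPv3 uses per-user credentials, not a community string
        try:
            addr = ipaddress.ip_address(m.group("addr"))
        except ValueError:
            continue  # hostname or malformed address: out of scope here
        community = m.group("community") or default
        findings.append({
            "interface": m.group("ifname"),
            "manager": str(addr),
            "ipv4": addr.version == 4,              # Note #2: IPv4 traffic only
            "polling": m.group("mode") != "trap",   # no keyword: assumed poll + trap
            "guessable_community": community in GUESSABLE,  # Note #1
        })
    return findings


if __name__ == "__main__":
    for finding in audit_snmp(SAMPLE_CONFIG):
        print(finding)
```

Entries with both "polling" and "guessable_community" set are the ones to review first: rotate the community string, restrict the manager list, or move the manager to SNMPv3.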

Affected

Cisco ASA Software running on the following products is affected:

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next-Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Firepower 9300 ASA Security Module
  • Cisco PIX Firewalls
  • Cisco Firewall Services Module (FWSM)