Test Kennung:	1.3.6.1.4.1.25623.1.0.105999
Kategorie:	CISCO
Titel:	Cisco ASA DNS Memory Exhaustion Vulnerability (cisco-sa-20150408-asa)
Zusammenfassung:	Cisco ASA is prone to a DNS memory exhaustion vulnerability.
Beschreibung:	Summary: Cisco ASA is prone to a DNS memory exhaustion vulnerability. Vulnerability Insight: The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance, which can cause it to generate a DNS request packet. The attacker would need to be able to intercept this request and reply with a crafted DNS reply packet. Vulnerability Impact: An unauthenticated, remote attacker could exploit this vulnerability by sending a request to a targeted device, causing the device to generate a DNS request packet. If the attacker can intercept the request and reply with a crafted DNS packet, the attacker could cause the device to exhaust available memory resources to cause system instability that results in a DoS condition. Affected Software/OS: Cisco ASA version 7.2, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2, 9.3. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0676 Cisco Security Advisory: 20150408 Multiple Vulnerabilities in Cisco ASA Software http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa http://www.securitytracker.com/id/1032045
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.