CISCO : Cisco ASA DHCPv6 Relay DoS Vulnerability (cisco-sa-20150115-asa-dhcp)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106053

Categoría: CISCO

Título: Cisco ASA DHCPv6 Relay DoS Vulnerability (cisco-sa-20150115-asa-dhcp)

Resumen: A vulnerability in the DHCPv6 relay feature of Cisco ASA may; lead to a denial of service.

Descripción: Summary:
A vulnerability in the DHCPv6 relay feature of Cisco ASA may
lead to a denial of service.

Vulnerability Insight:
A vulnerability in the DHCPv6 relay feature could allow an
unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due
to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this
vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could
exploit this vulnerability by sending crafted DHCPv6 packets to an affected device. Only DHCPv6
packets directed to the Cisco ASA interface where the DHCPv6 relay feature is enabled can be used
to trigger this vulnerability.

Vulnerability Impact:
An unauthenticated, remote attacker could cause the system to
reload.

Affected Software/OS:
Version 9.0, 9.1, 9.2 and 9.3 on Cisco Adaptive Security
Virtual Appliance (ASAv), Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security
Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA Services Module for
Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers.

Solution:
Apply the appropriate updates from Cisco. As a workaround
disable the DHCPv6 relay feature.

CVSS Score:
5.7

CVSS Vector:
AV:A/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-0578
BugTraq ID: 72718
http://www.securityfocus.com/bid/72718
Cisco Security Advisory: 20150114 Cisco ASA DHCPv6 Relay DoS Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0578
Cisco Security Advisory: 20150115 Cisco Adaptive Security Appliance DHCPv6 Relay Denial of Service Vulnerability
https://tools.cisco.com/security/center/viewAlert.x?alertId=37022
http://www.securitytracker.com/id/1031542
XForce ISS Database: cisco-asa-cve20150578-dos(100549)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100549

Copyright Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106053
Categoría:	CISCO
Título:	Cisco ASA DHCPv6 Relay DoS Vulnerability (cisco-sa-20150115-asa-dhcp)
Resumen:	A vulnerability in the DHCPv6 relay feature of Cisco ASA may; lead to a denial of service.
Descripción:	Summary: A vulnerability in the DHCPv6 relay feature of Cisco ASA may lead to a denial of service. Vulnerability Insight: A vulnerability in the DHCPv6 relay feature could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device. Only DHCPv6 packets directed to the Cisco ASA interface where the DHCPv6 relay feature is enabled can be used to trigger this vulnerability. Vulnerability Impact: An unauthenticated, remote attacker could cause the system to reload. Affected Software/OS: Version 9.0, 9.1, 9.2 and 9.3 on Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Solution: Apply the appropriate updates from Cisco. As a workaround disable the DHCPv6 relay feature. CVSS Score: 5.7 CVSS Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0578 BugTraq ID: 72718 http://www.securityfocus.com/bid/72718 Cisco Security Advisory: 20150114 Cisco ASA DHCPv6 Relay DoS Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0578 Cisco Security Advisory: 20150115 Cisco Adaptive Security Appliance DHCPv6 Relay Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=37022 http://www.securitytracker.com/id/1031542 XForce ISS Database: cisco-asa-cve20150578-dos(100549) https://exchange.xforce.ibmcloud.com/vulnerabilities/100549
Copyright	Copyright (C) 2015 Greenbone Networks GmbH