ID de Prueba:	1.3.6.1.4.1.25623.1.0.106767
Categoría:	CISCO
Título:	Cisco ASA Software TCP Normalizer Denial of Service Vulnerability (cisco-sa-20170419-asa-norm)
Resumen:	A vulnerability in the TCP normalizer of Cisco Adaptive; Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco; ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service; (DoS) condition.
Descripción:	Summary: A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. Vulnerability Impact: An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3793 BugTraq ID: 97923 http://www.securityfocus.com/bid/97923 http://www.securitytracker.com/id/1038329
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.