Monday, August 29, 2016

Cisco Adaptive Security Appliance Xlates Table Exhaustion Vulnerability

Cisco Adaptive Security Appliance (ASA) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to the improper implementation of the Network Address Translation (NAT) process by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted packets to the targeted device. If successful, an attacker could cause a delay in new valid connections until the invalid entries expire, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, mitigations for this vulnerability are available.

This advisory is available at the following link:
http://ift.tt/2c9aVGm

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available. Cisco Adaptive Security Appliance (ASA) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to the improper implementation of the Network Address Translation (NAT) process by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted packets to the targeted device. If successful, an attacker could cause a delay in new valid connections until the invalid entries expire, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, mitigations for this vulnerability are available.

This advisory is available at the following link:
http://ift.tt/2c9aVGm

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
Security Impact Rating: Medium
CVE: CVE-2013-1138

from Cisco Security Advisory http://ift.tt/2c9aVGm

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.