Wednesday, October 5, 2016

Cisco ASA Software DHCP Relay Denial of Service Vulnerability

A vulnerability in the DHCP Relay feature of Cisco ASA Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition by causing an interface wedge.

The vulnerability is due to improper handling of resources linked with the DHCP Relay feature. An attacker could exploit this vulnerability by sending DHCP packets at specific rates. An exploit could allow an attacker to cause an interface to become wedged, and stop processing incoming traffic. Once this state is reached, restoration of service can only be achieved by reloading the device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://ift.tt/2dRTc7L
Security Impact Rating: Medium
CVE: CVE-2016-6424

from Cisco Security Advisory http://ift.tt/2dRTc7L
