Details of VAR-201210-0127

ID

VAR-201210-0127

CVE

CVE-2012-4643

TITLE

Cisco ASA 5500/Cisco Catalyst 6500 DHCP Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2012-5722 // CNNVD: CNNVD-201210-241

DESCRIPTION

The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068. The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. Cisco Catalyst is an intelligent Ethernet switch developed by Cisco. An attacker can exploit this issue to cause a vulnerable device to reload, triggering a denial-of-service condition. This issue is tracked by Cisco Bug ID CSCtw84068. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Cisco ASA Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA50871 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50871/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50871 RELEASE DATE: 2012-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/50871/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50871/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50871 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module (ASASM), which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires the DHCP relay or DHCP server feature to be enabled. 2) An error in the AAA (Authentication, Authorization, and Accounting) code when handling SSL VPN authentication can be exploited to cause a device reload via a specially crafted authentication challenge-response. Successful exploitation requires Cisco ASA software configured for Clientless or AnyConnect SSL VPN. 3) An error within the SIP (Session Initiation Protocol) inspection engine can be exploited to cause a device reload via a specially crafted SIP media update packet. Successful exploitation requires that SIP inspection is enabled. 4) Some vulnerabilities exist in the DCERPC inspection engine. For more information: SA50857 SOLUTION: Update to version 7.2(5.8), 8.0(5.28), 8.1(2.56), 8.2(5.33), 8.3(2.34), 8.4(4.5), 8.5(1.14), or 8.6(1.5). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: CSCtw84068, CSCtz04566, CSCtr63728, CSCtr21359, CSCtr21376, CSCtr21346: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2012-4643 // JVNDB: JVNDB-2012-005161 // CNVD: CNVD-2012-5722 // BID: 55861 // VULHUB: VHN-57924 // PACKETSTORM: 117318

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-5722

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(5\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(4\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(3\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(0\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.7\)	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.16\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-v-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.10\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.49\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1\)	Trust: 1.0
vendor:	cisco	model:	5500 series adaptive security appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-neb-a	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2.11\)	Trust: 1.0
vendor:	cisco	model:	catalyst 6504-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.27\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1.4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1\)	Trust: 1.0
vendor:	cisco	model:	catalyst 6503-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.18\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.48\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1.11\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1	Trust: 1.0
vendor:	cisco	model:	catalyst 6506-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.15\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(4\)	Trust: 1.0
vendor:	cisco	model:	catalyst 6513	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6513-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.19\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5.2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3.9\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.8\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.48\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.17\)	Trust: 1.0
vendor:	cisco	model:	catalyst 6500	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1.22\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.14\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.1	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.1(2.56)	Trust: 0.8
vendor:	cisco	model:	catalyst 6504-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6(1.5)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2(5.8)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	7.0	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.4(3.10)	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-neb-a switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2(5.27)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5(1.9)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	7.0	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	7.1	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.5(1.9)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(3.10)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 7.2(5.8)	Trust: 0.8
vendor:	cisco	model:	catalyst 6506-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	7.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	7.1	Trust: 0.8
vendor:	cisco	model:	catalyst 6503-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0(5.28)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	7.2	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.2(5.27)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance 5500 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.3	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.3	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.0(5.28)	Trust: 0.8
vendor:	cisco	model:	catalyst 6513 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6513-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-v-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.1(2.56)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.6(1.5)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3(2.31)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.3(2.31)	Trust: 0.8
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.5(1.8)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.4(3.10)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.3(2.30)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.2(5.27)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.1(2.56)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.0(5.28)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	7.2(5.8)	Trust: 0.6
vendor:	cisco	model:	asa software/asasm software	scope:	lt	version:	8.6(1.4)	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.6)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.19)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.45)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.49)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0.4.3	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.2	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(0.08)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.13)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.23)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.35)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.7)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.2(5.20)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.53)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.17)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(5.26)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.6)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.39)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.50)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.22)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(4.46)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.3(2.25)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.11)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(4.44)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.1)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(5.18)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.1(2.53)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0(8.11)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(1.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.7)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65007.2	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.6(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(4)30	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.18)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(2.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(5.20)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.0(5.25)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.46)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(4.38)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0(8.13)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.6)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.6(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.26)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.16)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.13)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.44)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.23)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.3(2.22)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.17)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.25)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.19)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.6	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.29)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65007.0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.37)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.3(2.29)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(4.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0(8.12)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65007.2(5.7)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.24)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65007.1	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(4.44)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.27)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.2)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.0	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.6)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.16)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.25)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(5.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0.4	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.1(2.50)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.1	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.29)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0(5.15)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.11)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.20)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(2.28)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0(8.10)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.0(5.27)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2(4.45)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.3	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2(1.15)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.47)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.1	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1(2.40)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3(1.8)	Trust: 0.3

sources: CNVD: CNVD-2012-5722 // BID: 55861 // JVNDB: JVNDB-2012-005161 // CNNVD: CNNVD-201210-241 // NVD: CVE-2012-4643

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-4643
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-4643
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201210-241
value:	HIGH
Trust: 0.6
VULHUB:	VHN-57924
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-4643
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-57924
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-57924 // JVNDB: JVNDB-2012-005161 // CNNVD: CNNVD-201210-241 // NVD: CVE-2012-4643

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-57924 // JVNDB: JVNDB-2012-005161 // NVD: CVE-2012-4643

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201210-241

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201210-241

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-005161

PATCH

title:	cisco-sa-20121010-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa	Trust: 0.8
title:	cisco-sa-20121010-asa	url:	http://www.cisco.com/cisco/web/support/JP/111/1116/1116638_cisco-sa-20121010-asa-j.html	Trust: 0.8
title:	Patch for Cisco ASA 5500/Cisco Catalyst 6500 DHCP Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/23638	Trust: 0.6

sources: CNVD: CNVD-2012-5722 // JVNDB: JVNDB-2012-005161

EXTERNAL IDS

db:	NVD	id:	CVE-2012-4643	Trust: 3.4
db:	BID	id:	55861	Trust: 2.0
db:	OSVDB	id:	86145	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-005161	Trust: 0.8
db:	CNNVD	id:	CNNVD-201210-241	Trust: 0.7
db:	SECUNIA	id:	50871	Trust: 0.7
db:	CNVD	id:	CNVD-2012-5722	Trust: 0.6
db:	CISCO	id:	20121010 MULTIPLE VULNERABILITIES IN CISCO ASA 5500 SERIES ADAPTIVE SECURITY APPLIANCES AND CISCO CATALYST 6500 SERIES ASA SERVICES MODULE	Trust: 0.6
db:	CISCO	id:	20121010 MULTIPLE VULNERABILITIES IN CISCO FIREWALL SERVICES MODULE	Trust: 0.6
db:	VULHUB	id:	VHN-57924	Trust: 0.1
db:	PACKETSTORM	id:	117318	Trust: 0.1

sources: CNVD: CNVD-2012-5722 // VULHUB: VHN-57924 // BID: 55861 // JVNDB: JVNDB-2012-005161 // PACKETSTORM: 117318 // CNNVD: CNNVD-201210-241 // NVD: CVE-2012-4643

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-asa	Trust: 2.1
url:	http://www.securityfocus.com/bid/55861	Trust: 1.7
url:	http://osvdb.org/86145	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4643	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4643	Trust: 0.8
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=27104	Trust: 0.6
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-fwsm	Trust: 0.6
url:	http://secunia.com/advisories/50871	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/hw/switches/index.html	Trust: 0.3
url:	http://secunia.com/advisories/50871/	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/50871/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/blog/325/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50871	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2012-5722 // VULHUB: VHN-57924 // BID: 55861 // JVNDB: JVNDB-2012-005161 // PACKETSTORM: 117318 // CNNVD: CNNVD-201210-241 // NVD: CVE-2012-4643

CREDITS

Cisco

Trust: 0.9

sources: BID: 55861 // CNNVD: CNNVD-201210-241

SOURCES

db:	CNVD	id:	CNVD-2012-5722
db:	VULHUB	id:	VHN-57924
db:	BID	id:	55861
db:	JVNDB	id:	JVNDB-2012-005161
db:	PACKETSTORM	id:	117318
db:	CNNVD	id:	CNNVD-201210-241
db:	NVD	id:	CVE-2012-4643

LAST UPDATE DATE

2024-11-23T22:08:40.217000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-5722	date:	2012-10-12T00:00:00
db:	VULHUB	id:	VHN-57924	date:	2013-03-02T00:00:00
db:	BID	id:	55861	date:	2015-03-19T09:45:00
db:	JVNDB	id:	JVNDB-2012-005161	date:	2012-10-31T00:00:00
db:	CNNVD	id:	CNNVD-201210-241	date:	2012-10-30T00:00:00
db:	NVD	id:	CVE-2012-4643	date:	2024-11-21T01:43:17.290

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2012-5722	date:	2012-10-12T00:00:00
db:	VULHUB	id:	VHN-57924	date:	2012-10-29T00:00:00
db:	BID	id:	55861	date:	2012-10-10T00:00:00
db:	JVNDB	id:	JVNDB-2012-005161	date:	2012-10-31T00:00:00
db:	PACKETSTORM	id:	117318	date:	2012-10-11T10:06:55
db:	CNNVD	id:	CNNVD-201210-241	date:	2012-10-16T00:00:00
db:	NVD	id:	CVE-2012-4643	date:	2012-10-29T20:55:01.103