Sign-up

ID

VAR-201301-0039


CVE

CVE-2012-5419


TITLE

Cisco ASA 1000V Cloud Firewall for ASA Service disruption in software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-001201

DESCRIPTION

Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for the Cisco ASA 1000V Cloud Firewall allows remote attackers to cause a denial of service (device reload) via a malformed H.225 H.323 IPv4 packet, aka Bug IDs CSCuc42812 and CSCuc88741. The problem is Bug ID CSCuc42812 and CSCuc88741 It is a problem.Malformed by a third party H.225 , H.323 ,and IPv4 Service disruption via packets (( Device reload ) There is a possibility of being put into a state. Successful exploits may allow an attacker to trigger a reload on the device. A sustained denial-of-service condition can also arise due to repeated attacks. This issue is being tracked by Cisco bug ID CSCuc42812. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability SECUNIA ADVISORY ID: SA51897 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51897/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51897 RELEASE DATE: 2013-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/51897/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51897/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51897 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when inspecting H.323 packets and can be exploited to trigger a reload via a specially crafted packet sent through the device. Successful exploitation requires that H.323 inspection is enabled (enabled by default). The vulnerability is reported in versions 8.7.1 and 8.7.1.1. SOLUTION: Update to version 8.7.1.3. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130116-asa1000v OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-5419 // JVNDB: JVNDB-2013-001201 // BID: 57432 // VULHUB: VHN-58700 // PACKETSTORM: 119586

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.7.1

Trust: 2.4

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.7.1.1

Trust: 2.4

vendor:ciscomodel:asa 1000v cloud firewallscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2013-001201 // CNNVD: CNNVD-201301-358 // NVD: CVE-2012-5419

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5419
value: HIGH

Trust: 1.0

NVD: CVE-2012-5419
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201301-358
value: HIGH

Trust: 0.6

VULHUB: VHN-58700
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-5419
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-58700
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-58700 // JVNDB: JVNDB-2013-001201 // CNNVD: CNNVD-201301-358 // NVD: CVE-2012-5419

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-58700 // JVNDB: JVNDB-2013-001201 // NVD: CVE-2012-5419

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201301-358

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201301-358

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-001201

PATCH
title:cisco-sa-20130116-asa1000vurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130116-asa1000v
Trust: 0.8
title:cisco-sa-20130116-asa1000vurl:http://www.cisco.com/cisco/web/support/JP/111/1117/1117055_cisco-sa-20130116-asa1000v-j.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-001201

EXTERNAL IDS
db:NVDid:CVE-2012-5419
Trust: 2.8
db:JVNDBid:JVNDB-2013-001201
Trust: 0.8
db:CNNVDid:CNNVD-201301-358
Trust: 0.7
db:SECUNIAid:51897
Trust: 0.7
db:CISCOid:20131016 CISCO ASA 1000V CLOUD FIREWALL H.323 INSPECTION DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:BIDid:57432
Trust: 0.4
db:VULHUBid:VHN-58700
Trust: 0.1
db:PACKETSTORMid:119586
Trust: 0.1
sources:
            
            
            VULHUB: VHN-58700 // 
            
            
            
            BID: 57432 // 
            
            
            
            JVNDB: JVNDB-2013-001201 // 
            
            
            
            PACKETSTORM: 119586 // 
            
            
            
            CNNVD: CNNVD-201301-358 // 
            
            
            
            NVD: CVE-2012-5419

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130116-asa1000v
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5419
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5419
Trust: 0.8
url:http://secunia.com/advisories/51897
Trust: 0.6
url:http://www.cisco.com
Trust: 0.3
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/51897/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=51897
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/advisories/51897/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/blog/325/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-58700 // 
            
            
            
            BID: 57432 // 
            
            
            
            JVNDB: JVNDB-2013-001201 // 
            
            
            
            PACKETSTORM: 119586 // 
            
            
            
            CNNVD: CNNVD-201301-358 // 
            
            
            
            NVD: CVE-2012-5419

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 57432

SOURCES
db:VULHUBid:VHN-58700
db:BIDid:57432
db:JVNDBid:JVNDB-2013-001201
db:PACKETSTORMid:119586
db:CNNVDid:CNNVD-201301-358
db:NVDid:CVE-2012-5419

LAST UPDATE DATE
2024-11-23T22:02:30.712000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-58700date:2013-01-29T00:00:00
db:BIDid:57432date:2013-01-16T00:00:00
db:JVNDBid:JVNDB-2013-001201date:2013-01-22T00:00:00
db:CNNVDid:CNNVD-201301-358date:2013-01-18T00:00:00
db:NVDid:CVE-2012-5419date:2024-11-21T01:44:40.497

SOURCES RELEASE DATE
db:VULHUBid:VHN-58700date:2013-01-17T00:00:00
db:BIDid:57432date:2013-01-16T00:00:00
db:JVNDBid:JVNDB-2013-001201date:2013-01-22T00:00:00
db:PACKETSTORMid:119586date:2013-01-16T02:27:16
db:CNNVDid:CNNVD-201301-358date:2013-01-18T00:00:00
db:NVDid:CVE-2012-5419date:2013-01-17T15:55:01.470