PROBLEM:
Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service
PLATFORM:
Version(s): prior to 4.1(9)
ABSTRACT:
Several vulnerabilities were reported in Cisco Firewall Services Module.
REFERENCE LINKS:
Cisco Advisory ID: cisco-sa-20121010-fwsm
SecurityTracker Alert ID: 1027640
CVE-2012-4661
CVE-2012-4662
CVE-2012-4663
IMPACT ASSESSMENT:
High
Discussion:
A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload [CVE-2012-4661].
Cisco has assigned Cisco bug ID CSCtr27522 to this vulnerability.
A remote user can send specially crafted DCERPC data through the target device to cause the target device to reload [CVE-2012-4662, CVE-2012-4663].
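To triage exposure from saved device output, the following added example (not part of the Cisco advisory or of this bulletin) compares a version banner against the 4.1(9) threshold given under PLATFORM and looks for DCERPC inspection in the configuration. The banner format, the `inspect dcerpc` configuration line and the sample text are assumptions, as is the premise that the inspection engine only processes traffic when that line is configured.

```python
import re

# From the bulletin: affected versions are "prior to 4.1(9)".
# Stored as (major, minor, maintenance, interim) for tuple comparison.
FIXED = (4, 1, 9, 0)

# Constructed sample; banner and config layout are assumptions, not real device output.
SAMPLE = """\
FWSM Firewall Version 4.1(5)
policy-map global_policy
 class inspection_default
  inspect dns
  inspect dcerpc
"""

# Matches strings such as 4.1(5) or 4.1(8.1); the interim part is optional.
VERSION_RE = re.compile(r"Version\s+(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)")


def parse_version(text):
    """Return (major, minor, maint, interim), or None if no banner is found."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())


def dcerpc_inspection_lines(text):
    """Return 1-based line numbers where DCERPC inspection is enabled.

    Lines starting with 'no' (for example 'no inspect dcerpc') do not match.
    """
    return [n for n, line in enumerate(text.splitlines(), 1)
            if re.match(r"inspect\s+dcerpc\b", line.strip())]


def triage(text):
    """Classify one saved version-plus-config capture."""
    version = parse_version(text)
    if version is None:
        return "unknown version"
    if version >= FIXED:
        return "not affected"
    if dcerpc_inspection_lines(text):
        return "affected version, dcerpc inspection enabled"
    return "affected version, dcerpc inspection not seen"


if __name__ == "__main__":
    print(triage(SAMPLE))
```

A result of "dcerpc inspection not seen" only reflects the text that was supplied, so the capture should contain the full running configuration.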
Impact:
Successful exploitation of either of the vulnerabilities could cause an affected device to reload. Repeated exploitation may result in a DoS condition. Successful exploitation of the DCERPC Inspection Buffer Overflow Vulnerability may cause a stack overflow and permit the execution of arbitrary commands.
Solution: