You are here

V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service

January 17, 2013 - 12:00am

Addthis

PROBLEM:

Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service

PLATFORM:

The vulnerability is reported in versions 8.7.1 and 8.7.1.1.

ABSTRACT:

A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall

REFERENCE LINKS:

Cisco Advisory ID: cisco-sa-20130116-asa1000v
SecurityTracker Alert ID:  1028005
Secunia Advisory  SA51897 
CVE-2012-5419

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when inspecting H.323 packets and can be exploited to trigger a reload via a specially crafted packet sent through the device.

Successful exploitation requires that H.323 inspection is enabled (enabled by default).

IMPACT:

Successful exploitation of this vulnerability may cause a reload of the affected device. Repeated exploitation could result in a sustained DoS condition.

SOLUTION:

Update to version 8.7.1.3.

 

Addthis