HomePentest-Tools.com Logo

Cisco ASA DNS Inspection Engine DoS Vulnerability (cisco-sa-20141008-asa) CVE-2014-3388

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

A vulnerability in the DNS inspection engine of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system.

Risk description

The vulnerability is due to insufficient validation of crafted DNS packets. An attacker could exploit this vulnerability by sending crafted DNS packets through the affected system. An unauthenticated, remote attacker could exploit this vulnerability to cause an affected device to reload, resulting in a denial of service (DoS) condition.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 10, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available