HomePentest-Tools.com Logo

Cisco ASA DNS Memory Exhaustion Vulnerability (cisco-sa-20150408-asa) CVE-2015-0676

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Cisco ASA is prone to a DNS memory exhaustion vulnerability.

Risk description

The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance, which can cause it to generate a DNS request packet. The attacker would need to be able to intercept this request and reply with a crafted DNS reply packet. An unauthenticated, remote attacker could exploit this vulnerability by sending a request to a targeted device, causing the device to generate a DNS request packet. If the attacker can intercept the request and reply with a crafted DNS packet, the attacker could cause the device to exhaust available memory resources to cause system instability that results in a DoS condition.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 13, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available