Executive Summary

Summary
TitleCisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
Informations
Namecisco-sa-20181003-ftd-inspect-dosFirst vendor Publication2018-10-03
VendorCiscoLast vendor Modification2018-10-03
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbtOqxXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfcz1qwP/i9RYn7dmYOL2DJPPV+8VE+sBu6L ZB4QBxwT3uvYAsYJiCXyfpcIqDNiVPOwEH2rVT5gTMgMXulagBUr4vBZE9iebuUi syRAY8BUxB+zsYVqWN97/gLiZZgINfHsOUfJ6J1tGhAU21Qx1ht5jWxCb7RsCjIj 8D6jIQC7laPjxuRiwgbBTEjcxUK2VL3xgtQuN/+tFttzUAPYxC86ykJtZifv7B2e YcMxabNdJ9VXb4qyIicKJU8u+vUsCzysKw21Sl6WqxckvpPsFypqzUd4MSetOJUC YqyUbCKa8xzA6+IS7Pb5yaF4P84TqbCOk4PEBvJ3nAk/KbX53lcVoJkY8oFyglNM CSCL0S3YwQIUKuSG5ydb5I3XW71rV5GbpTDHHBA2ky1roaugcViMy3TAPBbSv0tW xqazKXvKWSZrWSsAi2sQ6EaGTFL2x8qFQXs1XNlzpoYFb7uctTA0n7eu/EX1e8oM o3Bqv9RTH/TFLqB68kpm1IrrKl+hfYXU055vHPGuEV5tTlbeHAquj61rffgTlY2A 71M5dcf1+uaE3NSzfbUufYDlof3EaJ+xQ7aLStT16qQXEPBoyYHK3FDHDsYo6pdM 7uhW77LhYX/accdeiqG7PdlHLwbF1vcam+sZd2xdeGB4jNdQzBG/leXwjpL7teRA uP8TVW7Y7fVEAbMp =tqt5 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

Nessus® Vulnerability Scanner

DateDescription
2018-10-04Name : The remote device is missing a vendor-supplied security patches.
File : cisco-sa-20181003-ftd-inspect-dos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2018-10-05 21:21:50
  • Multiple Updates
2018-10-03 21:19:37
  • First insertion