Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Cisco PIX and ASA Appliance |
Informations | |||
---|---|---|---|
Name | cisco-sa-20071017-asa | First vendor Publication | 2007-09-06 |
Vendor | Cisco | Last vendor Modification | 2007-10-19 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Two crafted packet vulnerabilities exist in the Cisco PIX 500 Series Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security Appliance (ASA) that may result in a reload of the device. These vulnerabilities are triggered during processing of Media Gateway Control Protocol (MGCP) packets, or during processing of Transport Layer Security (TLS) traffic that terminates on the PIX or ASA security appliance. |
Original Source
Url : http://www.cisco.com/warp/public/707/cisco-sa-20071017-asa.shtml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37945 | Cisco Firewall Services Module (FWSM) Crafted MGCP Packet Inspection DoS The Cisco Firewall Services Module (FWSM) contains a flaw that may allow a remote denial of service. The issue is triggered when special crafted MGCP packets are procesed by the inspection engine, and will result in loss of availability for the device. |
37943 | Cisco PIX / ASA Media Gateway Control Protocol (MGCP) Handling Remote DoS |
37942 | Cisco PIX / ASA Transport Layer Security (TLS) Packet Processing Remote DoS |