CVE-2012-0355

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa	Vendor Advisory
http://secunia.com/advisories/48423
http://www.securitytracker.com/id?1026800
http://osvdb.org/80045
http://www.securityfocus.com/bid/52488

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1.4\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1.11\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2.11\):::::::*

OR	cpe:2.3:h:cisco:catalyst_6506-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6504-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513-e:-:::::::*
	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_6503-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-neb-a:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-v-e:-:::::::*

Information

Published : 2012-03-14 17:55

Updated : 2018-01-12 18:29

NVD link : CVE-2012-0355

Mitre link : CVE-2012-0355

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

cisco

adaptive_security_appliance_software
5500_series_adaptive_security_appliance
catalyst_6504-e
catalyst_6513-e
catalyst_6509-neb-a
catalyst_6509-v-e
catalyst_6513
catalyst_6500
catalyst_6509-e
catalyst_6506-e
catalyst_6503-e

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa", "name": "20120314 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://secunia.com/advisories/48423", "name": "48423", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1026800", "name": "1026800", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/80045", "name": "80045", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securityfocus.com/bid/52488", "name": "52488", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-0355", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-03-15T00:55Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-01-13T02:29Z"}

7.8 /10