CVE-2012-4662

The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa	Vendor Advisory
http://www.securityfocus.com/bid/55862
http://osvdb.org/86147
http://secunia.com/advisories/50857
https://exchange.xforce.ibmcloud.com/vulnerabilities/79174

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1.11\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1.4\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2.11\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:::::::*

OR	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_6503-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513:-:::::::*
	cpe:2.3:h:cisco:7600_router::::::::
	cpe:2.3:h:cisco:catalyst_6509-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-neb-a:-:::::::*
	cpe:2.3:h:cisco:catalyst_6504-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6506-e:-:::::::*
	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:catalyst_6509-v-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513-e:-:::::::*

Information

Published : 2012-10-29 13:55

Updated : 2017-08-28 18:32

NVD link : CVE-2012-4662

Mitre link : CVE-2012-4662

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

cisco

adaptive_security_appliance_software
5500_series_adaptive_security_appliance
catalyst_6504-e
7600_router
catalyst_6509-neb-a
catalyst_6509-v-e
catalyst_6513-e
catalyst_6513
catalyst_6500
catalyst_6509-e
catalyst_6506-e
catalyst_6503-e

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm", "name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module", "tags": [], "refsource": "CISCO"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa", "name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/55862", "name": "55862", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/86147", "name": "86147", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/50857", "name": "50857", "tags": [], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174", "name": "cisco-fwsm-dcerpc-dos(79174)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-4662", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-10-29T20:55Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:32Z"}

7.1 /10