The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2 before 8.2(5.57), 8.3 before 8.3(2.44), 8.4 before 8.4(7.28), 8.5 before 8.5(1.24), 8.6 before 8.6(1.17), 8.7 before 8.7(1.16), 9.0 before 9.0(4.33), 9.1 before 9.1(6.1), 9.2 before 9.2(3.4), and 9.3 before 9.3(3) allows man-in-the-middle attackers to cause a denial of service (memory consumption or device outage) by triggering outbound DNS queries and then sending crafted responses to these queries, aka Bug ID CSCuq77655.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2015-04-12 18:59
Updated : 2015-04-22 21:49
NVD link : CVE-2015-0676
Mitre link : CVE-2015-0676
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
cisco
- adaptive_security_appliance_software