[c-nsp] Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Wed Sep 12 12:12:12 EDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
Advisory ID: cisco-sa-20120912-asacx
Revision 1.0
For Public Release 2012 September 12 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco ASA-CX Context-Aware Security appliance and Cisco Prime Security
Manager (PRSM) contain a denial of service (DoS) vulnerability in
versions prior to 9.0.2-103.
Successful exploitation of this vulnerability on the Cisco ASA-CX
could cause the device to stop processing user traffic and prevent
management access to the Cisco ASA-CX. Successful exploitation of this
vulnerability on the Cisco PRSM could cause the software to become
unresponsive and unavailable.
There are no workarounds for this vulnerability, but some mitigations
are available.
Cisco has released free software updates that address this
vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iF4EAREIAAYFAlBQmfIACgkQUddfH3/BbTqiYwD/XvyTOxUAsm5SUk6SQz2gSvJQ
MRJ/YAAaW54eH5HykGwA/j19RyMKO9JLs5Hj+E6lDsbVjl4azUf2XkBI+Zt/jS+B
=eNJC
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list