[<prev] [next>] [day] [month] [year] [list]
Message-id: <20120912121205.cisco-sa-20120912-asacx@psirt.cisco.com>
Date: Wed, 12 Sep 2012 12:12:12 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
Advisory ID: cisco-sa-20120912-asacx
Revision 1.0
For Public Release 2012 September 12 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco ASA-CX Context-Aware Security appliance and Cisco Prime Security
Manager (PRSM) contain a denial of service (DoS) vulnerability in
versions prior to 9.0.2-103.
Successful exploitation of this vulnerability on the Cisco ASA-CX
could cause the device to stop processing user traffic and prevent
management access to the Cisco ASA-CX. Successful exploitation of this
vulnerability on the Cisco PRSM could cause the software to become
unresponsive and unavailable.
There are no workarounds for this vulnerability, but some mitigations
are available.
Cisco has released free software updates that address this
vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iF4EAREIAAYFAlBQmfIACgkQUddfH3/BbTqiYwD/XvyTOxUAsm5SUk6SQz2gSvJQ
MRJ/YAAaW54eH5HykGwA/j19RyMKO9JLs5Hj+E6lDsbVjl4azUf2XkBI+Zt/jS+B
=eNJC
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists