lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <201304101311.10.asa@psirt.cisco.com>
Date: Wed, 10 Apr 2013 13:11:36 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: full-disclosure@...ts.grok.org.uk
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities
	in Cisco ASA Software

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software

Advisory ID: cisco-sa-20130410-asa

Revision 1.0

For Public Release 2013 April 10 16:00  UTC (GMT) 

+----------------------------------------------------------------------

Summary
=======

Cisco ASA Software is affected by the following vulnerabilities:

    IKE Version 1 Denial of Service Vulnerability
    Crafted URL Denial of Service Vulnerability
    Denial of Service During Validation of Crafted Certificates
    DNS Inspection Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that
is affected by one of the vulnerabilities may not be affected by the
others.

Successful exploitation of any of these vulnerabilities may result in
a reload of an affected device, leading to a denial of service (DoS)
condition.

Cisco has released free software updates that address these
vulnerabilities. Workarounds are available for some of these
vulnerabilities.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa

Note: The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500
Series Switches and Cisco 7600 Series Routers may be affected by some
of the vulnerabilities listed above. A separate Cisco Security Advisory
has been published to disclose the vulnerabilities that affect the Cisco
FWSM. This advisory is available at

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iF4EAREIAAYFAlFlkRYACgkQUddfH3/BbTpxAQD/Zkba4GDth49SWailwZV871q2
ffeUbZzP4AzcT4zJTbYA/1nk8ZqZBfW9TCUenapRkiykoh14ATXnyjV5GqUtWiUa
=Ds4x
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ