OSVDB ID: 84509

Title: Cisco Adaptive Security Appliances (ASA) SIP Inspection Identical Pre-allocated Secondary Pinholes SIP Traffic Parsing Remote DoS

Info

Disclosure

Jul 24, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Cisco Adaptive Security Appliances (ASA) contains a flaw that may allow a remote denial of service. This issue is triggered due to the program creating multiple identical pre-allocated secondary pinholes. With specially crafted SIP traffic, a remote attacker can cause a loss of availability for the program.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Solution Unknown
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Security Software

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Cisco Systems, Inc.

Adaptive Security Appliances (ASA)

8.4(282.11)29

References

Security Tracker: 1027355
CVE ID: 2012-2472 (see also: NVD)
Vendor Specific News/Changelog Entry: http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/84509