Cisco Adaptive Security Appliance Denial of Service Vulnerability (CVE-2015-0742)

Cisco Adaptive Security Appliance Denial of Service Vulnerability (CVE-2015-0742)
Cisco Adaptive Security Appliance Denial of Service Vulnerability (CVE-2015-0742)

Release date:
Updated on:

Affected Systems:

Cisco ASA 9.4 (0.115)
Cisco ASA 9.3 (2.100)
Cisco ASA 9.3 (1.105)
Cisco ASA 9.2 (3.4)
Cisco ASA 9.2 (3.1)
Cisco ASA 9.2 (0.104)
Cisco ASA 9.2 (0.0)
Cisco ASA 100.14 (1.1)
Cisco ASA 100.13 (21.9)
Cisco ASA 100.13 (20.3)
Cisco ASA 100.13 (0.21)

Description:

Bugtraq id: 74750
CVE (CAN) ID: CVE-2015-0742

The Cisco ASA 5500 Series Adaptive Security Device is a modular platform for providing security and VPN services. It provides firewall, IPS, anti-X, and VPN services.

The protocol of Cisco ASA Independent Multicast (PIM) does not properly implement multicast forwarding registration. Remote attackers can exploit this vulnerability to cause denial of service (forwarding downtime) by constructing multicast packets ).

<* Source: Cisco
*>

Suggestion:

Vendor patch:

Cisco
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 38937

This article permanently updates the link address: