Cisco asa dns memory depletion Vulnerability (CVE-2015-0676)
Cisco asa dns memory depletion Vulnerability (CVE-2015-0676)
Release date:
Updated on:
Affected Systems:
Cisco ASA 1, 5500
Description:
CVE (CAN) ID: CVE-2015-0676
The Cisco ASA 5500 Series Adaptive Security Device is a modular platform for providing security and VPN services. It provides firewall, IPS, anti-X, and VPN services.
A security vulnerability exists in the DNS code of Cisco ASA Software, which can be exploited by unauthenticated remote attackers to exhaust available memory and cause system crash.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20150408-asa) and patches for this:
Cisco-sa-20150408-asa: Multiple Vulnerabilities in Cisco ASA Software
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
This article permanently updates the link address: