Cisco Security Advisory

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

Advisory ID: cisco-sa-20121010-asa

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

Revision 1.0

For Public Release 2012 October 10 16:00 UTC (GMT)

Summary

Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) may be affected by the following vulnerabilities:

  • DHCP Memory Allocation Denial of Service Vulnerability
  • SSL VPN Authentication Denial of Service Vulnerability
  • SIP Inspection Media Update Denial of Service Vulnerability
  • DCERPC Inspection Buffer Overflow Vulnerability
  • Two DCERPC Inspection Denial Of Service Vulnerabilities

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of any of these vulnerabilities could allow an unauthenticated remote attacker to trigger a reload of the affected device. Exploitation of the DCERPC Inspection Buffer Overflow Vulnerability could additionally cause a stack overflow and possibly the execution of arbitrary commands.

Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

Note: The Cisco Firewall Services Module for Cisco Catalyst 6500 and Cisco 7600 Series (FWSM) may be affected by some of the vulnerabilities listed above.
A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

The Cisco ASA 1000V Cloud Firewall and Cisco ASA-CX Context-Aware Security are not affected by any of these vulnerabilities.

Affected Products

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by multiple vulnerabilities. Affected versions of Cisco ASA Software will vary depending on the specific vulnerability. Consult the "Software Versions and Fixes" section of this security advisory for more information about the affected versions.

Cisco PIX Security Appliances may be affected by some of the vulnerabilities described in this security advisory. Cisco PIX has reached end of software maintenance. Cisco PIX Security Appliance customers are encouraged to migrate to Cisco ASA 5500 Series Adaptive Security Appliances. Consult the dedicated section for Cisco PIX Security Appliances in the "Vulnerable Products" section of this security advisory for more information about affected versions.

Vulnerable Products

For specific version information, refer to the "Software Versions and Fixes" section of this advisory.

DHCP Memory Allocation Denial of Service Vulnerability

This vulnerability is triggered when the Cisco ASA Software processes a DHCP request. DHCP relay and DHCP server features will trigger the DHCP request packet process. If either feature is enabled, the Cisco ASA Software may be vulnerable.

To determine whether the DHCP server feature is enabled on Cisco ASA Software, use the show dhcpd state command and verify that at least one interface is configured for DHCP server. The following example shows Cisco ASA Software with DHCP server enabled on the inside interface:

ciscoasa# show dhcpd state
Context  Configured as DHCP Server
Interface inside, Configured for DHCP SERVER

To determine whether the DHCP relay feature is enabled on Cisco ASA Software, use the show dhcprelay state command and verify that DHCP relay is active. The following example shows Cisco ASA Software with DHCP relay enabled:

ciscoasa# show dhcprelay state
Context  Configured as DHCP Relay
Interface outside, Configured for DHCP RELAY SERVER
Interface inside, Configured for DHCP RELAY

Note: By default, DHCP server is enabled on the inside interface of the Cisco ASA 5505 and on the management interface of all other Cisco ASA 5500 Series Adaptive Security Appliances. DHCP server is disabled by default on Cisco Catalyst 6500 Series ASA Services Module.

DHCP relay feature is not enabled by default on any Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module platforms.
SSL VPN Authentication Denial of Service Vulnerability

This vulnerability may affect Cisco ASA Software configured for Clientless or AnyConnect SSL VPN. Cisco ASA Software configured as an IPsec VPN server, IPsec/L2TP VPN server or IKEv2 AnyConnect VPN server is not affected. Because this vulnerability is triggered when receiving a crafted authentication challenge-response, Cisco ASA Software is not affected when configured to use a AAA protocol that does not support the challenge option, or when the challenge option is disabled.

To be affected, Cisco ASA Software must have SSL VPN enabled and the tunnel group configured to authenticate to a remote AAA server using a AAA protocol that has the AAA challenge option enabled.

Currently the following AAA setups may be configured with the challenge option enabled and hence be considered vulnerable:

  1. Native RSA SecurID (also known as SDI) - This is vulnerable when the SecurID server requires a challenge response from the user.
  2. RADIUS and TACACS+ authentication challenge - These are vulnerable when the AAA server uses a token-based authentication system that is capable of sending challenge requests to authenticating users.
  3. Active Directory password management via RADIUS or LDAP - In these cases the Cisco ASA Software facilitates a user password change prior to authentication with Active Directory.

Other AAA authentication methods supported by the Cisco ASA Software, such as HTTP form-based authentication or the NT LAN Manager (NTLM) and Kerberos authentication protocols, are not affected by this vulnerability.

To determine whether Cisco ASA Software has SSL VPN enabled, use the show running-config webvpn command and verify that SSL VPN is enabled on at least one interface. The following example shows Cisco ASA Software with SSL VPN enabled on the outside interface:

ciscoasa# show running-config webvpn
webvpn
 enable outside

To determine whether the Cisco ASA Software has the tunnel group configured for a remote AAA server, use the show running-config tunnel-group <tg_name> general-attributes command and verify that authentication-server-group is set to a remote AAA server. The following example shows Cisco ASA Software with the tunnel group WebVPN configured to authenticate against a remote AAA server with the tag RSA:

ciscoasa#show running-config tunnel-group WebVPN general-attributes
tunnel-group WebVPN general-attributes
 authentication-server-group RSA

To determine which AAA protocol is in use for a given AAA server, use the show aaa-server <server-tag> command. The AAA protocol in use is indicated under Server Protocol. The following example shows a AAA server with the tag RSA that is using RSA SecurID (SDI) as its AAA protocol:

ciscoasa# show aaa-server RSA
Server Group:    RSA
Server Protocol: sdi

Note: SSL VPN is not enabled by default. The default AAA setting for a tunnel group is LOCAL, which is not affected by this vulnerability.

SIP Inspection Media Update Denial of Service Vulnerability

The Cisco ASA Software may be affected by this vulnerability if Session Initiation Protocol (SIP) inspection is enabled.

To determine whether SIP inspection is enabled, use the show service-policy inspect sip command. The following example shows Cisco ASA Software with SIP inspection enabled:

ciscoasa# show service-policy | include sip
      Inspect: sip , packet 67, drop 0, reset-drop 0

Note: SIP inspection functionality is enabled by default.

DCERPC Inspection Buffer Overflow Vulnerability and DCERPC Inspection Denial Of Service Vulnerabilities
Cisco ASA Software is affected by these vulnerabilities if DCERPC inspection is enabled.

To determine whether DCERPC inspection is enabled, use the show service-policy | include dcerpc command. The following example shows Cisco ASA Software with DCERPC inspection enabled:

ciscoasa# show  service-policy | include dcerpc
      Inspect: dcerpc, packet 0, drop 0, reset-drop 0

Note: DCERPC inspection is not enabled by default.

Determine the Running Software Version

To determine whether a vulnerable version of Cisco ASA Software is running on an appliance, administrators can issue the show version command. The following example shows a Cisco ASA 5500 Series Adaptive Security Appliance that is running software version 8.4(1):

ciscoasa#show version | include Version
Cisco Adaptive Security Appliance Software Version 8.4(1)
Device Manager Version 6.4(1)

Customers who use Cisco Adaptive Security Device Manager (ASDM) to manage devices can locate the software version in the table that is displayed in the login window or upper-left corner of the Cisco ASDM window.
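The exposure checks in this section can be scripted against captured CLI output. The following is an added example, not Cisco's code: it parses the command output quoted above and reports which of the advisory's vulnerabilities the configuration exposes. The captures it uses are constructed to mirror the advisory's examples and are not from a real device; the "Not Configured" relay line is an assumed form of output.

```python
import re

# Added example (not Cisco's code): parse the CLI output the advisory tells
# administrators to check and report which of its vulnerabilities the running
# configuration exposes. The captures at the bottom are constructed.

# "Interface inside, Configured for DHCP SERVER" / "... DHCP RELAY [SERVER]"
DHCP_IF_RE = re.compile(r"^Interface (\S+), Configured for DHCP (SERVER|RELAY)", re.M)
WEBVPN_ENABLE_RE = re.compile(r"^\s*enable (\S+)", re.M)       # under "webvpn"
AUTH_GROUP_RE = re.compile(r"^\s*authentication-server-group (\S+)", re.M)
AAA_PROTO_RE = re.compile(r"^Server Protocol:\s*(\S+)", re.M)
INSPECT_RE = re.compile(r"Inspect:\s*([\w-]+)")                # show service-policy

# AAA protocols the advisory lists as usable with a challenge or an AD password
# management step (SDI, RADIUS, TACACS+, LDAP). A match means "verify whether the
# challenge option is actually in use", not a confirmed exposure.
CHALLENGE_CAPABLE = {"sdi", "radius", "tacacs+", "ldap"}


def dhcp_features(dhcpd_state, dhcprelay_state):
    """Set of DHCP features ('SERVER', 'RELAY') with at least one interface configured."""
    found = set()
    for text in (dhcpd_state, dhcprelay_state):
        for _iface, feature in DHCP_IF_RE.findall(text):
            found.add(feature)
    return found


def sslvpn_exposure(webvpn_cfg, tunnel_group_cfg, aaa_server_out):
    """Return (interfaces with SSL VPN enabled, AAA protocol) when the tunnel
    group authenticates to a remote AAA server; otherwise (set(), None)."""
    ifaces = set(WEBVPN_ENABLE_RE.findall(webvpn_cfg))
    groups = AUTH_GROUP_RE.findall(tunnel_group_cfg)
    if not ifaces or not groups or groups[0].upper() == "LOCAL":
        return set(), None
    m = AAA_PROTO_RE.search(aaa_server_out)
    return ifaces, (m.group(1).lower() if m else None)


def inspections(service_policy_out):
    """Names of the inspection engines listed in 'show service-policy' output."""
    return {name.lower() for name in INSPECT_RE.findall(service_policy_out)}


def assess(captures):
    """Map each vulnerability in cisco-sa-20121010-asa to whether the feature
    that exposes it is enabled, given a dict of command name -> captured output."""
    dhcp = dhcp_features(captures["show dhcpd state"], captures["show dhcprelay state"])
    ifaces, proto = sslvpn_exposure(captures["show running-config webvpn"],
                                    captures["show running-config tunnel-group"],
                                    captures["show aaa-server"])
    insp = inspections(captures["show service-policy"])
    return {
        "CVE-2012-4643 (DHCP DoS)": bool(dhcp),
        "CVE-2012-4659 (SSL VPN AAA DoS)": bool(ifaces) and proto in CHALLENGE_CAPABLE,
        "CVE-2012-4660 (SIP inspection DoS)": "sip" in insp,
        "CVE-2012-4661/4662/4663 (DCERPC inspection)": "dcerpc" in insp,
    }


# Constructed captures: DHCP server on inside, no relay (assumed output form),
# SSL VPN on outside authenticating to an SDI server, SIP inspected, no DCERPC.
SAMPLE = {
    "show dhcpd state": ("Context  Configured as DHCP Server\n"
                         "Interface inside, Configured for DHCP SERVER\n"),
    "show dhcprelay state": "Context  Not Configured for DHCP Relay\n",
    "show running-config webvpn": "webvpn\n enable outside\n",
    "show running-config tunnel-group": ("tunnel-group WebVPN general-attributes\n"
                                         " authentication-server-group RSA\n"),
    "show aaa-server": "Server Group:    RSA\nServer Protocol: sdi\n",
    "show service-policy": ("      Inspect: sip , packet 67, drop 0, reset-drop 0\n"
                            "      Inspect: dns preset_dns_map, packet 0, drop 0, reset-drop 0\n"),
}

if __name__ == "__main__":
    for name, exposed in assess(SAMPLE).items():
        print(f"{name}: {'feature enabled, check fixed release' if exposed else 'not exposed'}")
```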


Information about Cisco PIX Security Appliance Software

All versions of the Cisco PIX Security Appliance Software are affected by the DHCP Memory Allocation Denial of Service Vulnerability.

Cisco PIX Security Appliance Software is not affected by any other vulnerabilities described in this security advisory.

Products Confirmed Not Vulnerable

The Cisco ASA 1000V Cloud Firewall and Cisco ASA-CX Context-Aware Security are not affected by any of these vulnerabilities.

With the exception of the Cisco FWSM, no other Cisco products are currently known to be affected by these vulnerabilities.

Details

The following section provides additional information about each vulnerability.

DHCP Memory Allocation Denial of Service Vulnerability

DHCP is a protocol that supplies automatic configuration parameters such as an IP address with a subnet mask, default gateway, DNS server, and WINS server IP address to hosts.

The Cisco ASA Software can act as a DHCP server or a DHCP client. When it operates as a server, the Cisco ASA Software provides network configuration parameters directly to DHCP clients.

A vulnerability exists in the implementation of the Dynamic Host Configuration Protocol (DHCP) server functionality that would allow an unauthenticated, remote attacker to trigger a reload of the affected device. This vulnerability is due to a failure in allocating memory for an internal DHCP data structure upon receiving crafted DHCP packets. An attacker could exploit this vulnerability by sending a sequence of crafted DHCP packets to the affected system.

Note: This vulnerability may be triggered by both transit traffic and traffic directed to the affected device. This vulnerability affects both routed and transparent firewall modes in both single-context and multicontext modes. This vulnerability can be triggered only by IPv4 traffic.

This vulnerability is documented in Cisco bug ID CSCtw84068 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-4643.

SSL VPN Authentication Denial of Service Vulnerability

The Cisco ASA Software includes two types of SSL VPN, which is a technology for remote access to corporate resources:
  • Clientless SSL VPN provides access to Web applications, such as email, and corporate portals via Web browsers and Java components. It requires no client software.
  • The AnyConnect SSL VPN Client.

A vulnerability exists in the implementation of the authentication, authorization and accounting (AAA) code for the remote SSL VPN (Clientless and AnyConnect) feature that could allow an unauthenticated, remote attacker to trigger a reload of the affected system. This vulnerability is due to insufficient validation of a crafted authentication response when a AAA challenge-response is required to complete the authentication process. An attacker could exploit this vulnerability by attempting to authenticate to an ASA configured for SSL VPN with a crafted authentication challenge response.

This vulnerability affects Cisco ASA Software configured for Clientless or AnyConnect SSL VPN. Cisco ASA Software configured as an IPsec VPN server, IPsec/L2TP VPN server or IKEv2 AnyConnect server is not affected.

Note: Only traffic destined to the affected device can be used to exploit this vulnerability. This vulnerability affects only Cisco ASA Software configured in routed and single context mode. This vulnerability can be triggered by IPv4 traffic only.

This vulnerability is documented in Cisco bug ID CSCtz04566 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-4659.

SIP Inspection Media Update Denial of Service Vulnerability

Session Initiation Protocol (SIP), as defined by the Internet Engineering Task Force (IETF), enables call handling sessions, particularly two-party audio conferences. SIP works with Session Description Protocol (SDP) for call signaling. SDP specifies the ports for the media stream. Cisco ASA Software supports dynamic allocation of ports for the media stream via a dedicated SIP inspection engine.

A vulnerability exists in the SIP inspection engine code of the Cisco ASA Software that may allow an unauthenticated, remote attacker to trigger a reload of the affected device. This vulnerability is due to improper processing of SIP media update packets. An attacker could exploit this vulnerability by sending a crafted SIP packet through the affected system. The packets that trigger this vulnerability must be part of an established SIP session that is inspected by the affected system.

Note: Only transit traffic can be used to exploit this vulnerability. This vulnerability affects both routed and transparent firewall mode in both single and multi-context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.

This vulnerability is documented in Cisco bug ID CSCtr63728 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-4660.

DCERPC Inspection Buffer Overflow Vulnerability

DCERPC is a protocol that is widely used by Microsoft distributed client and server applications that allows software clients to remotely execute programs on a server.

A vulnerability exists in the DCERPC inspection engine that would allow an unauthenticated, remote attacker to cause a reload of the affected system or to overflow the stack and possibly execute arbitrary commands. The vulnerability is due to insufficient validation of DCERPC packets within a valid DCERPC session. An attacker could exploit this vulnerability by sending a crafted DCERPC packet that needs to be inspected by the affected system.
Note: Only transit traffic can be used to exploit this vulnerability. This vulnerability affects both routed and transparent firewall mode in both single and multi-context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.

This vulnerability is documented in Cisco bug ID CSCtr21359 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-4661.

DCERPC Inspection Denial Of Service Vulnerabilities

Two vulnerabilities exist in the DCERPC inspection engine that would allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerabilities are due to insufficient validation of DCERPC packets within a valid DCERPC session. An attacker could exploit these vulnerabilities by sending a crafted DCERPC packet that needs to be inspected by the affected system.

Note: Only transit traffic can be used to exploit these vulnerabilities. These vulnerabilities affect both routed and transparent firewall mode in both single and multi-context mode. These vulnerabilities can be triggered by IPv4 and IPv6 traffic.

These vulnerabilities are documented in Cisco bug IDs CSCtr21376 (registered customers only) and CSCtr21346 (registered customers only) and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2012-4662 and CVE-2012-4663.

Vulnerability Scoring Details

Cisco has scored the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this security advisory is in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps organizations determine the urgency and priority of a response.

Cisco has provided a base and temporal score. Customers can also compute environmental scores that help determine the impact of the vulnerability in their own networks.

Cisco has provided additional information regarding CVSS at the following link:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to compute the environmental impact for individual networks at the following link:

http://intellishield.cisco.com/security/alertmanager/cvss

CSCtw84068 - DHCP Memory Allocation Denial of Service Vulnerability

CVSS Base Score - 7.1
  Access Vector:          Network
  Access Complexity:      Medium
  Authentication:         None
  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

CVSS Temporal Score - 5.9
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

CSCtz04566 - SSL VPN Authentication Denial of Service Vulnerability

CVSS Base Score - 7.1
  Access Vector:          Network
  Access Complexity:      Medium
  Authentication:         None
  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

CVSS Temporal Score - 5.9
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

CSCtr63728 - SIP Inspection Media Update Denial of Service Vulnerability

CVSS Base Score - 7.8
  Access Vector:          Network
  Access Complexity:      Low
  Authentication:         None
  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

CVSS Temporal Score - 6.4
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

CSCtr21359 - DCERPC Inspection Buffer Overflow Vulnerability

CVSS Base Score - 9.0
  Access Vector:          Network
  Access Complexity:      Medium
  Authentication:         None
  Confidentiality Impact: Complete
  Integrity Impact:       Partial
  Availability Impact:    Complete

CVSS Temporal Score - 7.4
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

CSCtr21376 - DCERPC Inspection Denial Of Service Vulnerability

CVSS Base Score - 7.1
  Access Vector:          Network
  Access Complexity:      Medium
  Authentication:         None
  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

CVSS Temporal Score - 5.9
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

CSCtr21346 - DCERPC Inspection Denial Of Service Vulnerability

CVSS Base Score - 7.1
  Access Vector:          Network
  Access Complexity:      Medium
  Authentication:         None
  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

CVSS Temporal Score - 5.9
  Exploitability:         Functional
  Remediation Level:      Official-Fix
  Report Confidence:      Confirmed

Impact

Successful exploitation of all the vulnerabilities described in this security advisory may cause a reload of the affected device. Successful exploitation of the DCERPC Inspection Buffer Overflow Vulnerability may additionally cause a stack overflow and possibly the execution of arbitrary commands.

Software Versions and Fixes

When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.


DHCP Memory Allocation Denial of Service Vulnerability - CSCtw84068

Major Release   First Fixed Release
7.0             7.2(5.8)
7.1             7.2(5.8)
7.2             7.2(5.8)
8.0             8.0(5.28)
8.1             8.1(2.56)
8.2             8.2(5.27)
8.3             8.3(2.31)
8.4             8.4(3.10)
8.5             8.5(1.9)
8.6             8.6(1.5)


SSL VPN Authentication Denial of Service Vulnerability - CSCtz04566

Major Release   First Fixed Release
7.0             Not Affected
7.1             Not Affected
7.2             Not Affected
8.0             Not Affected
8.1             Not Affected
8.2             8.2(5.30)
8.3             8.3(2.34)
8.4             Not Affected
8.5             Not Affected
8.6             Not Affected

SIP Inspection Media Update Denial of Service Vulnerability - CSCtr63728

Major Release   First Fixed Release
7.0             Not Affected
7.1             Not Affected
7.2             Not Affected
8.0             Not Affected
8.1             Not Affected
8.2             8.2(5.17)
8.3             8.3(2.28)
8.4             8.4(2.13)
8.5             8.5(1.4)
8.6             8.6(1.5)

DCERPC Inspection Buffer Overflow Vulnerability - CSCtr21359

Major Release   First Fixed Release
7.0             Not Affected
7.1             Not Affected
7.2             Not Affected
8.0             Not Affected
8.1             Not Affected
8.2             Not Affected
8.3             8.3(2.34)
8.4             8.4(4.4)
8.5             8.5(1.13)
8.6             8.6(1.3)

DCERPC Inspection Denial Of Service Vulnerabilities - CSCtr21376 and CSCtr21346

Major Release   First Fixed Release
7.0             Not Affected
7.1             Not Affected
7.2             Not Affected
8.0             Not Affected
8.1             Not Affected
8.2             Not Affected
8.3             8.3(2.25)
8.4             8.4(2.5)
8.5             8.5(1.13)
8.6             Not Affected


Recommended Releases

The following table lists all recommended releases. These recommended releases contain the fixes for all vulnerabilities in this advisory. Cisco recommends upgrading to a release that is equal to or later than these recommended releases.

Major Release   Recommended Release
7.0             7.2(5.8)
7.1             7.2(5.8)
7.2             7.2(5.8)
8.0             8.0(5.28)
8.1             8.1(2.56)
8.2             8.2(5.33)
8.3             8.3(2.34)
8.4             8.4(4.5)
8.5             8.5(1.14)
8.6             8.6(1.5)

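Comparing a running release against these tables is easy to get wrong by hand because ASA versions carry an interim build number inside the parentheses. The following added example (not Cisco's code) parses the version string that show version prints, compares it in release order against the first fixed release for each vulnerability in this advisory, and reports the recommended release for the train; the fixed and recommended releases are copied from the tables above, and the show version capture is constructed to match the advisory's example.

```python
import re

# Added example (not Cisco's code): decide, from the version string that
# 'show version' prints, whether a release is below the first fixed release for
# each vulnerability in cisco-sa-20121010-asa. Tables copied from the advisory.

VERSION_RE = re.compile(r"(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)")

# Trains the advisory's tables cover; a train missing from a CVE's map below is
# listed as "Not Affected" in the advisory.
TRAINS = ("7.0", "7.1", "7.2", "8.0", "8.1", "8.2", "8.3", "8.4", "8.5", "8.6")

FIRST_FIXED = {
    "CVE-2012-4643": {"7.0": "7.2(5.8)", "7.1": "7.2(5.8)", "7.2": "7.2(5.8)",
                      "8.0": "8.0(5.28)", "8.1": "8.1(2.56)", "8.2": "8.2(5.27)",
                      "8.3": "8.3(2.31)", "8.4": "8.4(3.10)", "8.5": "8.5(1.9)",
                      "8.6": "8.6(1.5)"},
    "CVE-2012-4659": {"8.2": "8.2(5.30)", "8.3": "8.3(2.34)"},
    "CVE-2012-4660": {"8.2": "8.2(5.17)", "8.3": "8.3(2.28)", "8.4": "8.4(2.13)",
                      "8.5": "8.5(1.4)", "8.6": "8.6(1.5)"},
    "CVE-2012-4661": {"8.3": "8.3(2.34)", "8.4": "8.4(4.4)", "8.5": "8.5(1.13)",
                      "8.6": "8.6(1.3)"},
    "CVE-2012-4662/4663": {"8.3": "8.3(2.25)", "8.4": "8.4(2.5)", "8.5": "8.5(1.13)"},
}

RECOMMENDED = {"7.0": "7.2(5.8)", "7.1": "7.2(5.8)", "7.2": "7.2(5.8)",
               "8.0": "8.0(5.28)", "8.1": "8.1(2.56)", "8.2": "8.2(5.33)",
               "8.3": "8.3(2.34)", "8.4": "8.4(4.5)", "8.5": "8.5(1.14)",
               "8.6": "8.6(1.5)"}


def parse_version(text):
    """'8.4(3.10)' -> (8, 4, 3, 10); '8.4(1)' -> (8, 4, 1, 0). The tuples
    compare in release order, interim builds included."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no ASA version string in {text!r}")
    major, minor, maint, interim = m.groups()
    return int(major), int(minor), int(maint), int(interim or 0)


def version_from_show_version(output):
    """Pick the ASA software version line, not the Device Manager (ASDM) line."""
    for line in output.splitlines():
        if "Security Appliance Software Version" in line:
            return parse_version(line)
    raise ValueError("ASA software version line not found")


def is_vulnerable(running, cve):
    """True/False for trains the advisory covers; None for a train it does not."""
    ver = running if isinstance(running, tuple) else parse_version(running)
    train = f"{ver[0]}.{ver[1]}"
    if train not in TRAINS:
        return None
    fixed = FIRST_FIXED[cve].get(train)
    if fixed is None:
        return False  # train listed as Not Affected for this CVE
    return ver < parse_version(fixed)


def assess(running):
    """Per-CVE result for one release, plus the recommended release for its train."""
    ver = running if isinstance(running, tuple) else parse_version(running)
    result = {cve: is_vulnerable(ver, cve) for cve in FIRST_FIXED}
    result["recommended"] = RECOMMENDED.get(f"{ver[0]}.{ver[1]}")
    return result


if __name__ == "__main__":
    # Constructed 'show version' capture matching the advisory's example.
    sample = ("Cisco Adaptive Security Appliance Software Version 8.4(1)\n"
              "Device Manager Version 6.4(1)\n")
    for key, value in assess(version_from_show_version(sample)).items():
        print(f"{key}: {value}")
```

A result of None means the train is outside this advisory's tables and must be checked against later advisories rather than treated as safe.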
Software Download

Cisco ASA Software can be downloaded from the Software Center on Cisco.com by visiting http://www.cisco.com/cisco/software/navigator.html

For Cisco ASA 5500 Series Adaptive Security Appliances, navigate to Products > Security > Firewalls > Adaptive Security Appliances (ASA) > Cisco ASA 5500 Series Adaptive Security Appliances > <your Cisco ASA model> > Adaptive Security Appliance (ASA) Software. Please note that some of these versions are interim versions and they can be found by expanding the Interim tab on the download page.

For Cisco Catalyst 6500 Series ASA Services Module, navigate to Products > Cisco Interfaces and Modules > Cisco Services Modules >Cisco Catalyst 6500 Series ASA Services Module > ASA Services Module (ASASM) Software. Please note that some of these versions are interim versions and they can be found by expanding the Interim tab on the download page.


Workarounds

The following section contains information about a workaround, if available, for each vulnerability described in this security advisory.

DHCP Memory Allocation Denial of Service Vulnerability

Besides disabling the DHCP server and DHCP relay features, there are no workarounds that mitigate this vulnerability.

SSL VPN Authentication Denial of Service Vulnerability

There are no workarounds that mitigate this vulnerability.

SIP Inspection Media Update Denial of Service Vulnerability

Disabling SIP inspection will mitigate this vulnerability.
The following commands will disable the SIP inspection that is configured by default:

ciscoasa(config)# policy-map global_policy
ciscoasa(config-pmap)# class inspection_default
ciscoasa(config-pmap-c)# no inspect sip

DCERPC Inspection Buffer Overflow Vulnerability and DCERPC Inspection Denial Of Service Vulnerabilities

Besides disabling the DCERPC inspection, there are no workarounds that mitigate these vulnerabilities.


Obtaining Fixed Software

Cisco has released free software updates that address the vulnerabilities described in this advisory. Prior to deploying software, customers are advised to consult their maintenance providers or check the software for feature set compatibility and known issues that are specific to their environments.

Customers may only install and expect support for feature sets they have purchased. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html.

Customers with Service Contracts

Customers with contracts should obtain upgraded software through their regular update channels. For most customers, upgrades should be obtained through the Software Navigator on Cisco.com at http://www.cisco.com/cisco/software/navigator.html.

Customers Using Third-Party Support Organizations

Customers with Cisco products that are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers, should contact that organization for assistance with the appropriate course of action.

The effectiveness of any workaround or fix depends on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Because of the variety of affected products and releases, customers should consult their service providers or support organizations to ensure that any applied workaround or fix is the most appropriate in the intended network before it is deployed.

Customers Without Service Contracts

Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC):

  • +1 800 553 2447 (toll free from within North America)
  • +1 408 526 7209 (toll call from anywhere in the world)
  • e-mail: tac@cisco.com

Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Customers without service contracts should request free upgrades through the TAC.

Refer to Cisco Worldwide Contacts at http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, instructions, and e-mail addresses for support in various languages.

Exploitation and Public Announcements

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

All the vulnerabilities described in this security advisory were found during internal testing or discovered during the resolution of customer support cases.

Status of This Notice: Final

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.


Distribution

This advisory is posted on Cisco Security at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

Additionally, a text version of this advisory is clear signed with the Cisco PSIRT PGP key and circulated among the following e-mail addresses:

  • cust-security-announce@cisco.com
  • first-bulletins@lists.first.org
  • bugtraq@securityfocus.com
  • vulnwatch@vulnwatch.org
  • cisco@spot.colorado.edu
  • cisco-nsp@puck.nether.net
  • full-disclosure@lists.grok.org.uk

Future updates of this advisory, if any, will reside on Cisco.com but may not be announced on mailing lists. Users can monitor this advisory's URL for any updates.


Revision History

Revision 1.0 2012-October-10 Initial public release

Cisco Security Procedures

Complete information about reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on Cisco.com at http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html. This web page includes instructions for press inquiries regarding Cisco Security Advisories. All Cisco Security Advisories are available at http://www.cisco.com/go/psirt.
