Cisco PIX 500 Series Security Appliances and Cisco 5500 Series Adaptive Security Appliances (ASA) running software versions prior to 7.2(3)006 or 8.0(3) contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability was introduced in version 7.2(2).
The vulnerability is due to an error that can occur when the feature that decrements the time-to-live (TTL) value of forwarded packets is enabled. A packet's TTL value determines when an IP packet is dropped from the network because it has passed through too many routing devices, which usually indicates a routing loop. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IP packets to the affected device. When the packets are processed, the error condition may be triggered, resulting in a crash and reload of the device.
Cisco has confirmed the vulnerability and released updated software.
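The advisory names two conditions that must both hold for a device to be exposed: a software version inside the affected range, and the TTL-decrement feature enabled. The following is an added example (not Cisco's code and not part of the advisory) of a small triage script that parses PIX/ASA version strings such as 7.2(3)006, compares them against the boundaries stated above, and looks for the feature in a saved running configuration. The configuration keyword it searches for, `set connection decrement-ttl` inside a policy-map class, is an assumption about how the feature is spelled in the configuration; the advisory does not show the command. The sample configuration is constructed, not taken from a real device.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int, int]

# Boundaries taken from the advisory text: the bug appeared in 7.2(2) and is
# fixed in 7.2(3)006 on the 7.2 train and in 8.0(3) on the 8.0 train.
INTRODUCED = "7.2(2)"
FIXED_BY_TRAIN = {(7, 2): "7.2(3)006", (8, 0): "8.0(3)"}

# PIX/ASA version strings look like 7.2(2), 8.0(3) or 7.2(3)006,
# i.e. major.minor(maintenance)interim, with the interim part optional.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\)(\d*)$")


def parse_version(text: str) -> Version:
    """Turn '7.2(3)006' into the comparable tuple (7, 2, 3, 6)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PIX/ASA version string: {text!r}")
    major, minor, maint, interim = m.groups()
    return (int(major), int(minor), int(maint), int(interim) if interim else 0)


def version_affected(text: str) -> Optional[bool]:
    """True/False when the advisory covers this version, None when it does not."""
    v = parse_version(text)
    if v < parse_version(INTRODUCED):
        return False                      # predates the regression
    fixed = FIXED_BY_TRAIN.get(v[:2])
    if fixed is None:
        return None                       # train not mentioned in the advisory
    return v < parse_version(fixed)       # below the first fixed release


# ASSUMPTION: the TTL-decrement feature is enabled with
# 'set connection decrement-ttl' inside a policy-map class. The advisory does
# not show the command, so adjust the pattern if your platform spells it
# differently.
_DECREMENT_TTL_RE = re.compile(r"^\s*set connection decrement-ttl\b", re.MULTILINE)


def ttl_decrement_enabled(running_config: str) -> bool:
    """Report whether the (assumed) TTL-decrement command appears in the config."""
    return _DECREMENT_TTL_RE.search(running_config) is not None


def assess(version: str, running_config: str) -> str:
    """Combine the two conditions the advisory names: version and feature state."""
    affected = version_affected(version)
    if affected is None:
        return "unknown: version not covered by this advisory"
    if not affected:
        return "not affected: software version outside the affected range"
    if not ttl_decrement_enabled(running_config):
        return "affected version, but TTL decrement is disabled: upgrade when possible"
    return "VULNERABLE: affected version with TTL decrement enabled; upgrade or disable the feature"


# Constructed sample configuration for demonstration only.
SAMPLE_CONFIG = """\
! constructed sample, not a real device configuration
hostname asa-lab
policy-map global_policy
 class inspection_default
  inspect icmp
 class class-default
  set connection decrement-ttl
"""

if __name__ == "__main__":
    for ver in ("7.0(8)", "7.2(2)", "7.2(3)", "7.2(3)006", "8.0(2)", "8.0(3)", "8.2(1)"):
        print(f"{ver:<10} -> {assess(ver, SAMPLE_CONFIG)}")
```

Versions from trains the advisory does not mention (for example anything after 8.0) are reported as unknown rather than guessed at, so the script never claims a fix the text does not state.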