Test Kennung:	1.3.6.1.4.1.25623.1.0.106767
Kategorie:	CISCO
Titel:	Cisco ASA Software TCP Normalizer Denial of Service Vulnerability (cisco-sa-20170419-asa-norm)
Zusammenfassung:	A vulnerability in the TCP normalizer of Cisco Adaptive; Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco; ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service; (DoS) condition.
Beschreibung:	Summary: A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. Vulnerability Impact: An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3793 BugTraq ID: 97923 http://www.securityfocus.com/bid/97923 http://www.securitytracker.com/id/1038329
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.