ID de Prueba:	1.3.6.1.4.1.25623.1.0.105999
Categoría:	CISCO
Título:	Cisco ASA DNS Memory Exhaustion Vulnerability (cisco-sa-20150408-asa)
Resumen:	Cisco ASA is prone to a DNS memory exhaustion vulnerability.
Descripción:	Summary: Cisco ASA is prone to a DNS memory exhaustion vulnerability. Vulnerability Insight: The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance, which can cause it to generate a DNS request packet. The attacker would need to be able to intercept this request and reply with a crafted DNS reply packet. Vulnerability Impact: An unauthenticated, remote attacker could exploit this vulnerability by sending a request to a targeted device, causing the device to generate a DNS request packet. If the attacker can intercept the request and reply with a crafted DNS packet, the attacker could cause the device to exhaust available memory resources to cause system instability that results in a DoS condition. Affected Software/OS: Cisco ASA version 7.2, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2, 9.3. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0676 Cisco Security Advisory: 20150408 Multiple Vulnerabilities in Cisco ASA Software http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa http://www.securitytracker.com/id/1032045
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.