English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.106053
Category:CISCO
Title:Cisco ASA DHCPv6 Relay DoS Vulnerability (cisco-sa-20150115-asa-dhcp)
Summary:A vulnerability in the DHCPv6 relay feature of Cisco ASA may; lead to a denial of service.
Description:Summary:
A vulnerability in the DHCPv6 relay feature of Cisco ASA may
lead to a denial of service.

Vulnerability Insight:
A vulnerability in the DHCPv6 relay feature could allow an
unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due
to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this
vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could
exploit this vulnerability by sending crafted DHCPv6 packets to an affected device. Only DHCPv6
packets directed to the Cisco ASA interface where the DHCPv6 relay feature is enabled can be used
to trigger this vulnerability.

Vulnerability Impact:
An unauthenticated, remote attacker could cause the system to
reload.

Affected Software/OS:
Version 9.0, 9.1, 9.2 and 9.3 on Cisco Adaptive Security
Virtual Appliance (ASAv), Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security
Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA Services Module for
Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers.

Solution:
Apply the appropriate updates from Cisco. As a workaround
disable the DHCPv6 relay feature.

CVSS Score:
5.7

CVSS Vector:
AV:A/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-0578
BugTraq ID: 72718
http://www.securityfocus.com/bid/72718
Cisco Security Advisory: 20150114 Cisco ASA DHCPv6 Relay DoS Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0578
Cisco Security Advisory: 20150115 Cisco Adaptive Security Appliance DHCPv6 Relay Denial of Service Vulnerability
https://tools.cisco.com/security/center/viewAlert.x?alertId=37022
http://www.securitytracker.com/id/1031542
XForce ISS Database: cisco-asa-cve20150578-dos(100549)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100549
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.