Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2016-1287 |
Description: | Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.806682 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1287 CERT/CC vulnerability note: VU#327976 https://www.kb.cert.org/vuls/id/327976 Cisco Security Advisory: 20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike https://www.exploit-db.com/exploits/39823/ http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html https://blog.exodusintel.com/2016/02/10/firewall-hacking/ http://www.securitytracker.com/id/1034997 |