Test ID:	1.3.6.1.4.1.25623.1.0.106081
Category:	CISCO
Title:	Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability (cisco-sa-20160517-asa-vpn)
Summary:	A vulnerability in the IPsec code of Cisco Adaptive Security; Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of; a memory block, which may cause the system to stop forwarding traffic and result in a denial of; service (DoS) condition.
Description:	Summary: A vulnerability in the IPsec code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. Vulnerability Impact: A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1379 Cisco Security Advisory: 20160517 Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.