Test ID:	1.3.6.1.4.1.25623.1.0.106767
Category:	CISCO
Title:	Cisco ASA Software TCP Normalizer Denial of Service Vulnerability (cisco-sa-20170419-asa-norm)
Summary:	A vulnerability in the TCP normalizer of Cisco Adaptive; Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco; ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service; (DoS) condition.
Description:	Summary: A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. Vulnerability Impact: An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3793 BugTraq ID: 97923 http://www.securityfocus.com/bid/97923 http://www.securitytracker.com/id/1038329
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.