Cisco ASA UDP检测引擎拒绝服务漏洞

文章由LinuxBoy分享于2019-04-02 08:04:16热评（354）

Cisco ASA UDP检测引擎拒绝服务漏洞

发布日期：2012-03-14
更新日期：2012-03-15

受影响系统：
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.x
Cisco Catalyst 6500 Series ASA Services Module 8.x
不受影响系统：
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.5(1.2)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.4(2.1)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.3(2.22)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.2(5.5)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.1(2.50)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.0(5.25)
Cisco Catalyst 6500 Series ASA Services Module 8.5(1.2)
Cisco Catalyst 6500 Series ASA Services Module 8.4(2.1)
Cisco Catalyst 6500 Series ASA Services Module 8.3(2.22)
Cisco Catalyst 6500 Series ASA Services Module 8.2(5.5)
Cisco Catalyst 6500 Series ASA Services Module 8.1(2.50)
Cisco Catalyst 6500 Series ASA Services Module 8.0(5.25)
描述：
--------------------------------------------------------------------------------
BUGTRAQ ID: 52484
CVE ID: CVE-2012-0353

Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台，可提供防火墙、IPS、anti-X和VPN服务。

Cisco ASA UDP检测引擎可用于检测基于UDP的协议，在处理畸形流时存在可使远程未
验证的攻击者触发ASA重载的漏洞，攻击者可通过发送特制的序列利用此漏洞造成拒绝访问。

<*来源：Cisco

链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa

*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20120314-asa）以及相应补丁:

cisco-sa-20120314-asa：Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa

推荐文章：

Cisco ASA UDP检测引擎拒绝服务漏洞