CNVD-2015-06863

Vulnerability from cnvd - Published: 2015-10-28
VLAI Severity ?
Title
Cisco Adaptive Security Appliance拒绝服务漏洞(CNVD-2015-06863)
Description
Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台,可提供防火墙、IPS、anti-X和VPN服务。 Cisco Adaptive Security Appliance (ASA)在实现上存在安全漏洞。远程攻击者通过构造的DNS响应数据,利用此漏洞可造成拒绝服务(设备重载)。
Severity
Patch Name
Cisco Adaptive Security Appliance拒绝服务漏洞(CNVD-2015-06863)的补丁
Patch Description
Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台,可提供防火墙、IPS、anti-X和VPN服务。 Cisco Adaptive Security Appliance (ASA)在实现上存在安全漏洞。远程攻击者通过构造的DNS响应数据,利用此漏洞可造成拒绝服务(设备重载)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

Cisco已经为此发布了一个安全公告(cisco-sa-20151021-asa-dns1)以及相应补丁: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1

Reference
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1
Impacted products
Name
['Cisco Adaptive Security Appliance (ASA) Software 7.2', 'Cisco Adaptive Security Appliance (ASA) Software 8.2(< 8.2(5.58))', 'Cisco Adaptive Security Appliance (ASA) Software 8.3', 'Cisco Adaptive Security Appliance (ASA) Software 8.4(<8.4(7.29))', 'Cisco Adaptive Security Appliance (ASA) Software 8.5-8.7(<8.7(1.17))', 'Cisco Adaptive Security Appliance (ASA) Software \r\n9.0(< 9.0(4.37))', 'Cisco Adaptive Security Appliance (ASA) Software 9.1(<9.1(6.8))', 'Cisco Adaptive Security Appliance (ASA) Software \r\n9.2(< 9.2(4))', 'Cisco Adaptive Security Appliance (ASA) Software 9.3(<9.3(3))']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6325"
    }
  },
  "description": "Cisco ASA 5500\u7cfb\u5217\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\u662f\u7528\u4e8e\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\n\r\nCisco Adaptive Security Appliance (ASA)\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u6784\u9020\u7684DNS\u54cd\u5e94\u6570\u636e\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u8f7d\uff09\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20151021-asa-dns1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-06863",
  "openTime": "2015-10-28",
  "patchDescription": "Cisco ASA 5500\u7cfb\u5217\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\u662f\u7528\u4e8e\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\nCisco Adaptive Security Appliance (ASA)\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u6784\u9020\u7684DNS\u54cd\u5e94\u6570\u636e\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u8f7d\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Adaptive Security Appliance\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-06863\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Adaptive Security Appliance (ASA) Software 7.2",
      "Cisco Adaptive Security Appliance (ASA) Software  8.2(\u003c 8.2(5.58))",
      "Cisco Adaptive Security Appliance (ASA) Software  8.3",
      "Cisco Adaptive Security Appliance (ASA) Software  8.4(\u003c8.4(7.29))",
      "Cisco Adaptive Security Appliance (ASA) Software  8.5-8.7(\u003c8.7(1.17))",
      "Cisco Adaptive Security Appliance (ASA) Software  \r\n9.0(\u003c 9.0(4.37))",
      "Cisco Adaptive Security Appliance (ASA) Software  9.1(\u003c9.1(6.8))",
      "Cisco Adaptive Security Appliance (ASA) Software  \r\n9.2(\u003c 9.2(4))",
      "Cisco Adaptive Security Appliance (ASA) Software  9.3(\u003c9.3(3))"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1",
  "serverity": "\u9ad8",
  "submitTime": "2015-10-27",
  "title": "Cisco Adaptive Security Appliance\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2015-06863\uff09"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.