Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability
Advisory ID: cisco-sa-20150115-asa-dhcp
Revision 2.0
For Public Release 2015 January 15 17:54 UTC (GMT)
+-----------------------------
Summary
=======
A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload.
The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device.
Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:
http://tools.cisco.com/
Note: This advisory has been updated to revision 2.0. Please consult the full advisory at the following link for details on what has been updated:
http://tools.cisco.com/
Komentarų nėra:
Rašyti komentarą