Incident Response, Network Security, Patch/Configuration Management, TDR, Vulnerability Management

Cisco patch blocks DoS vulnerability

Remote attackers have been shut out of the IPsec code of Cisco Adaptive Security Appliance (ASA) Software following Tuesday's release of a patch, according to a Cisco security advisory.

The incursion could have allowed attackers to alter a memory block, which subsequently may cause the system to cease transferring traffic culminating in a denial-of-service (DoS) situation.

The bug was the result of an error in the installation of ICMP error handling for IPSec packets, Cisco said.

"An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel," the researchers explained. 
The company has released software updates to mitigate the situation.

While the Cisco Product Security Incident Response Team (PSIRT) stated it is not aware of any malicious use of this vulnerability, as always, it advises customers to upgrade.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.