Info

Disclosure

May 02, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

ASA/PIX contains a flaw that may allow a remote denial of service. The issue is triggered when by an unspecified flaw in the DHCP Relay agent, and will result in loss of availability for the platform.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified
OSVDB: Security Software

Solution

Upgrade to version 7.2(2.15) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Cisco Systems, Inc.	PIX	7.2(1)
		7.2(14)
		7.2(2)2
		7.2(2)10
	ASA	7.2(1)
		7.2(14)
		7.2(2)2
		7.2(2)10

References

Security Tracker: 1017999 1018000
CVE ID: 2007-2461 (see also: NVD)
Bugtraq ID: 23763
Secunia Advisory ID: 25109
ISS X-Force ID: 34026
Related OSVDB ID: 35331 35332 35333
CERT VU: 530057
VUPEN Advisory: ADV-2007-1635
Vendor Specific Advisory URL: http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml

Credit

Lisa Sittler -
Grant Deffenbaugh -

Direct URL: http://osvdb.org/35330

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Cisco Systems, Inc.

PIX

ASA

References

Credit