PROBLEM:
A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to cause a DoS (Denial of Service).
PLATFORM:
Cisco Adaptive Security Appliance (ASA) 8.x
Cisco ASA 5500 Series Adaptive Security Appliances
ABSTRACT:
The vulnerability is caused by an unspecified error when handling IPv6 transit traffic and can be exploited to cause a reload of the affected device.
REFERENCE LINKS:
Vendor Advisory
Secunia ID 49647
CVE-2012-3058
IMPACT ASSESSMENT:
High
Discussion:
Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote attacker to cause a reload of the affected device.
Successful exploitation requires the device to be configured in transparent firewall mode with system logging enabled for message ID 110003.
Note: This vulnerability can only be triggered by IPv6 transit traffic, and affects both Cisco ASA and Cisco ASASM when configured in transparent firewall mode (either single or multiple context mode).
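A configuration check for the two preconditions named above, added here as an example (it is not code from Cisco or from this advisory). It assumes the standard ASA running-config lines `firewall transparent`, `logging enable` and `no logging message 110003`; it does not evaluate per-destination severity thresholds or IPv6 settings, so it can over-report.

```python
MSG_ID = "110003"  # syslog message ID named in the advisory


def audit_asa_config(config_text):
    """Report the advisory's two preconditions for one ASA running-config."""
    transparent = logging_enabled = msg_suppressed = False
    for raw in config_text.splitlines():
        line = " ".join(raw.split())  # collapse indentation and spacing
        if line == "firewall transparent":
            transparent = True
        elif line == "logging enable":
            logging_enabled = True
        elif line == f"no logging message {MSG_ID}":
            msg_suppressed = True
    # Assumption: a message is emitted unless explicitly suppressed; severity
    # thresholds per logging destination are not evaluated (may over-report).
    msg_logged = logging_enabled and not msg_suppressed
    return {
        "transparent_mode": transparent,
        "message_logged": msg_logged,
        "preconditions_met": transparent and msg_logged,
    }


# Constructed sample configurations (not taken from real devices).
SAMPLES = {
    "transparent+logging": """firewall transparent
hostname fw-a
logging enable
logging buffered informational
""",
    "transparent+suppressed": """firewall transparent
hostname fw-b
logging enable
no logging message 110003
""",
    "routed+logging": """hostname fw-c
logging enable
""",
}

if __name__ == "__main__":
    for name, cfg in SAMPLES.items():
        print(name, audit_asa_config(cfg))
```

In multiple context mode, run the check against each context's configuration separately.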
Impact:
Remote DoS
Solution:
The vendor has issued a fix that is available through Cisco Support.