Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4661

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-4661
Last Modified 10 Apr 2013 11:31:09
Published 29 Oct 2012 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4661

Summary

Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522.

Vulnerable Systems

Application

  • Cisco Adaptive Security Appliance Software 8.3%281%29

  • Cisco Adaptive Security Appliance Software 8.3%282%29

  • Cisco Adaptive Security Appliance Software 8.4

  • Cisco Adaptive Security Appliance Software 8.4%281%29

  • Cisco Adaptive Security Appliance Software 8.4%281.11%29

  • Cisco Adaptive Security Appliance Software 8.4%282%29

  • Cisco Adaptive Security Appliance Software 8.4%282.11%29

  • Cisco Adaptive Security Appliance Software 8.5

  • Cisco Adaptive Security Appliance Software 8.5%281%29

  • Cisco Adaptive Security Appliance Software 8.5%281.4%29

  • Cisco Adaptive Security Appliance Software 8.6

  • Cisco Adaptive Security Appliance Software 8.6%281%29


References

CISCO - 20121010 Multiple Vulnerabilities in Cisco Firewall Services Module

CISCO - 20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

XF - cisco-fwsm-dcerpc-bo(79173)

BID - 55863

OSVDB - 86146

SECUNIA - 50857


Last Updated: 27 May 2016 10:49:48