Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Cisco ASA DNS Memory Exhaustion Vulnerability
Information
Severity
Severity
High
Family
Family
CISCO
CVSSv2 Base
CVSSv2 Base
7.1
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:N/I:N/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
8 years ago
Modified
Modified
5 years ago
Summary
Cisco ASA is prone to a DNS memory exhaustion vulnerability.
Insight
Insight
The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance, which can cause it to generate a DNS request packet. The attacker would need to be able to intercept this request and reply with a crafted DNS reply packet.
Affected Software
Affected Software
Version 7.2, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2, 9.3
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Apply the appropriate updates from Cisco.