CERT-In Vulnerability Note CIVN-2010-39
Cisco ASA 5500 Series Adaptive Security Appliances Remote TCP Connection Exhaustion Denial of Service Vulnerability

Original Issue Date: March 02, 2010

Severity Rating: Medium

System Affected

The following versions of Cisco ASA Software are affected:

  • 7.2 and later but prior to 7.2(4.46)
  • 8.0 and later but prior to 8.0(4.38)
  • 8.1 and later but prior to 8.1(2.29)
  • 8.2 and later but prior to 8.2(1.5)
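
Added example (not part of the CERT-In note or of Cisco's advisory): a Python check that classifies device software versions against the affected ranges listed above. The `8.0(4)38` input form, the function names and the sample inventory are assumptions made for illustration.

```python
import re

# First fixed build per affected release train, from the list in this note.
FIRST_FIXED = {(7, 2): (4, 46), (8, 0): (4, 38), (8, 1): (2, 29), (8, 2): (1, 5)}

# Accepts the note's "8.0(4.38)" notation and an "8.0(4)38" form
# (assumption: the form in which a device reports an interim build).
_VERSION = re.compile(r"^\s*(\d+)\.(\d+)(?:\((\d+)(?:\.(\d+))?\)(\d+)?)?\s*$")


def parse_asa_version(text):
    """Return ((major, minor), (maintenance, interim)); raise ValueError if malformed."""
    m = _VERSION.match(text)
    if m is None:
        raise ValueError(f"unrecognised ASA version: {text!r}")
    major, minor, maint, dotted, trailing = m.groups()
    if dotted and trailing:
        raise ValueError(f"two interim numbers in: {text!r}")
    return (int(major), int(minor)), (int(maint or 0), int(dotted or trailing or 0))


def status(text):
    """Classify one version string against the ranges listed in this note."""
    train, build = parse_asa_version(text)
    if train not in FIRST_FIXED:
        return "not-listed"  # the note makes no statement about this train
    # Tuple comparison orders maintenance first, then interim build.
    return "affected" if build < FIRST_FIXED[train] else "fixed"


def triage(inventory):
    """Map each hostname to a status; malformed versions become 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = status(version)
        except ValueError:
            result[host] = "unparsed"
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {"fw-a": "8.0(4)32", "fw-b": "8.2(1.5)", "fw-c": "7.2(4.46)",
          "fw-d": "8.1(2)", "fw-e": "8.3(1)", "fw-f": "asa-unknown"}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host}: {SAMPLE[host]} -> {verdict}")
```

A "not-listed" result means only that this note does not cover that release train; consult the Cisco advisory for those versions.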

Overview

A vulnerability has been reported in Cisco ASA 5500 Series Adaptive Security Appliances that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.  

Description

The vulnerability is caused by an unspecified error in the handling of TCP packets. A remote attacker could send specific TCP segments to an affected device during the termination phase of a TCP connection. When the device tries to process these segments, a TCP connection resource exhaustion error can occur, resulting in a DoS condition.

Solution

Apply the appropriate software fixes as mentioned in the Cisco Security Advisory.

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml

References

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=19914

VUPEN
http://www.vupen.com/english/advisories/2010/0415

Security Tracker
http://securitytracker.com/alerts/2010/Feb/1023612.html

CVE Name
CVE-2010-0149

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003