Welcome 微信登录
编程资源 图片资源库 蚂蚁家优选 PDF转换器

首页 / 操作系统 / Linux / Cisco ASA威胁检测拒绝服务漏洞

发布日期:2012-03-14
更新日期:2012-03-15受影响系统:
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.x
Cisco Catalyst 6500 Series ASA Services Module 8.x
不受影响系统:
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.5(1.2)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.4(2.1)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.3(2.22)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.2(5.5)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.1(2.50)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.0(5.25)
Cisco Catalyst 6500 Series ASA Services Module 8.5(1.2)
Cisco Catalyst 6500 Series ASA Services Module 8.4(2.1)
Cisco Catalyst 6500 Series ASA Services Module 8.3(2.22)
Cisco Catalyst 6500 Series ASA Services Module 8.2(5.5)
Cisco Catalyst 6500 Series ASA Services Module 8.1(2.50)
Cisco Catalyst 6500 Series ASA Services Module 8.0(5.25)
描述:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 52489
CVE(CAN) ID: CVE-2012-0354Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台,可提供防火墙、IPS、anti-X和VPN服务。ASA威胁检测功能在用Cisco ASA Scanning Threat Mode功能配置后并启用了shun选项后,包含可使远程未验证攻击者触发ASA重载的漏洞。由于shun事件触发了内部漏洞,且没有正确处理导致了此漏洞。通过发送IP报文触发扫描功能的shun选项,可利用此漏洞。
<*来源:Cisco
 
  链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
        http://www.linuxidc.com/Linux/2012-03/56779.htm
*>建议:
--------------------------------------------------------------------------------
临时解决方法:如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:*禁用shun选项。厂商补丁:Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20120314-asa)以及相应补丁:cisco-sa-20120314-asa:Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa多个Check Point防火墙产品信息泄露漏洞McAfee Email/Web Security Appliance/Email Gateway多个安全漏洞相关资讯      cisco漏洞 
  • Cisco Transport Gateway for   (08/30/2014 07:07:12)
  • Cisco Video Surveillance 4000系  (10/15/2013 15:43:33)
  • Cisco IOS远程拒绝服务漏洞(CVE-  (08/09/2012 10:00:10)
  • Cisco Prime Data Center Network   (07/30/2014 20:59:06)
  • Cisco IOS SSL VPN Portal重载拒绝  (08/15/2012 08:29:03)
  • Cisco IOS SSH2会话远程拒绝服务漏  (08/09/2012 09:59:32)
本文评论 查看全部评论 (0)
表情: 姓名: 字数


评论声明
  • 尊重网上道德,遵守中华人民共和国的各项有关法律法规
  • 承担一切因您的行为而直接或间接导致的民事或刑事法律责任
  • 本站管理人员有权保留或删除其管辖留言中的任意内容
  • 本站有权在网站内转载或引用您的评论
  • 参与本评论即表明您已经阅读并接受上述条款
版权所有©石家庄振强科技有限公司2024 冀ICP备08103738号-5 网站地图