Denial of service in Cisco ASA 5500-X Series
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-6439 |
| CWE-ID | CWE-399 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cisco ASA 5500-X Series Hardware solutions / Security hardware applicances |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Denial of service
EUVDB-ID: #VU1047
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-6439
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote anauthenticated user to cause DoS conditions on the target system.
The weakness is due to resource management error. By sending a specially crafted data, attackers can trigger the Snort process restart and bypass Snort detection.
Successful exploitation results in denial of service that may lead to further attacks on the vulnerable system.
Install update from vendor's website.
Vulnerable software versionsCisco ASA 5500-X Series: 5.4.1.5 - 6.0.0.1
CPE2.3- cpe:2.3:h:cisco_systems:cisco_asa_5500-x_series:5.4.1.5:*:*:*:*:asa:*:*
- cpe:2.3:h:cisco_systems:cisco_asa_5500-x_series:6.0:*:*:*:*:asa:*:*
- cpe:2.3:h:cisco_systems:cisco_asa_5500-x_series:6.0.0.1:*:*:*:*:asa:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
