ID CVE-2009-1157
Summary Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
Crafted TCP Packet DoS Vulnerability
Cisco ASA and Cisco PIX security appliances may experience a memory leak that can be triggered by a series of crafted TCP packets. Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 are affected when configured for any of the following features:
  • SSL VPNs
  • ASDM Administrative Access
  • Telnet Access
  • SSH Access
  • Cisco Tunneling Control Protocol (cTCP) for Remote Access VPNs
  • Virtual Telnet
  • Virtual HTTP
  • Transport Layer Security (TLS) Proxy for Encrypted Voice Inspection
  • Cut-Through Proxy for Network Access
  • TCP Intercept
References
Vulnerable Configurations
  • cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 28-04-2009 - 05:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 34429
cisco 20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances
osvdb 53445
sectrack 1022015
secunia 34607
vupen ADV-2009-0981
Last major update 28-04-2009 - 05:39
Published 09-04-2009 - 15:08
Last modified 28-04-2009 - 05:39