RSA BSAFE Library Remote ASN.1 Denial of Service Vulnerability

The RSA BSAFE library is prone to a denial-of-service vulnerability because it fails to properly handle malformed ASN.1 data.

Exploiting this vulnerability allows attackers to crash applications that use the affected library. The specific impact of this vulnerability depends on the nature of the applications. Local and remote attacks may be possible. Depending on the nature of vulnerable applications, attackers may be able to exploit this issue without authentication.

These versions are vulnerable:

RSA BSAFE Crypto-C prior to 6.3.1
Cert-C prior to 2.8

The vendor tracks this issue by RSA Bug ID 46337.

Cisco tracks this issue as Bug IDs:
Cisco IOS: CSCsd85587
Cisco IOS XR: CSCsg41084
Cisco PIX and ASA Security Appliances: CSCse91999
Cisco Firewall Services Module (FWSM): CSCsi97695
Cisco Unified CallManager: CSCsg44348


 

Copyright 2010, SecurityFocus