Cisco ASA Appliance Crypto Accelerator Memory Leak Denial of Service Vulnerability

Cisco ASA security appliances are prone to a remote denial-of-service vulnerability.

The hardware Crypto Accelerator included with these appliances is prone to a denial-of-service vulnerability. Specifically, the initialization code for the vulnerable hardware will leak memory when processing a specific sequence of packets.

An attacker can exploit this issue by sending specially crafted packets to cause the affected devices to reload, denying service to legitimate users. Repeat attacks will result in a prolonged denial-of-service condition. This issue is documented in Cisco Bug ID CSCsj25896.


Privacy Statement
Copyright 2010, SecurityFocus