Cisco ASA Software CVE-2017-6610 Denial of Service Vulnerability

Cisco ASA Software is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users.

This issue is being tracked by Cisco Bug ID CSCuz11685.

Information

Bugtraq ID: 97934
Class: Input Validation Error
CVE: CVE-2017-6610

Remote: Yes
Local: No
Published: Apr 19 2017 12:00AM
Updated: Apr 20 2017 04:06PM
Credit: Cisco.
Vulnerable: Cisco Adaptive Security Appliance (ASA) Software 9.6
Cisco Adaptive Security Appliance (ASA) Software 9.5
Cisco Adaptive Security Appliance (ASA) Software 9.4
Cisco Adaptive Security Appliance (ASA) Software 9.3
Cisco Adaptive Security Appliance (ASA) Software 9.2
Cisco Adaptive Security Appliance (ASA) Software 9.1
Cisco Adaptive Security Appliance (ASA) Software 9.0

Not Vulnerable: Cisco Adaptive Security Appliance (ASA) Software 9.6(1.5)
Cisco Adaptive Security Appliance (ASA) Software 9.5(3)
Cisco Adaptive Security Appliance (ASA) Software 9.4(4)
Cisco Adaptive Security Appliance (ASA) Software 9.2(4.11)
Cisco Adaptive Security Appliance (ASA) Software 9.1(7.7)

References:

• Cisco Homepage (Cisco )
  
• cisco-sa-20170419-asa-xauth:Cisco ASA Software Internet Key Exchange Version 1 X (Cisco)
  

Source: www.securityfocus.com