cnvd - cnvd-2015-03402

CNVD-2015-03402

Vulnerability from cnvd - Published: 2015-05-28

Title

Cisco ASA PIM远程拒绝服务漏洞

Description

Cisco Adaptive Security Appliance是一款自适应安全设备，可提供安全和VPN服务的模块。 Cisco Adaptive Security Appliance包含的Protocol Independent Multicast应用存在安全漏洞，允许远程攻击者利用漏洞发送特制的多播报文，破坏多播通信转发。

Severity

中

Patch Name

Cisco ASA PIM远程拒绝服务漏洞的补丁

Patch Description

Cisco Adaptive Security Appliance是一款自适应安全设备，可提供安全和VPN服务的模块。Cisco Adaptive Security Appliance包含的Protocol Independent Multicast应用存在安全漏洞，允许远程攻击者利用漏洞发送特制的多播报文，破坏多播通信转发。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://tools.cisco.com/security/center/viewAlert.x?alertId=38937

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=38937

Impacted products

Name
['Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(0.104)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(3.1)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(3.4)', 'Cisco Adaptive Security Appliance (ASA) Software 9.3(1.105)', 'Cisco Adaptive Security Appliance (ASA) Software 9.3(2.100)', 'Cisco Adaptive Security Appliance (ASA) Software 9.4(0.115)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(0.21)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(20.3)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(21.9)', 'Cisco Adaptive Security Appliance (ASA) Software 100.14(1.1)']

Name

['Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(0.104)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(3.1)', 'Cisco Adaptive Security Appliance (ASA) Software 9.2(3.4)', 'Cisco Adaptive Security Appliance (ASA) Software 9.3(1.105)', 'Cisco Adaptive Security Appliance (ASA) Software 9.3(2.100)', 'Cisco Adaptive Security Appliance (ASA) Software 9.4(0.115)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(0.21)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(20.3)', 'Cisco Adaptive Security Appliance (ASA) Software 100.13(21.9)', 'Cisco Adaptive Security Appliance (ASA) Software 100.14(1.1)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0742"
    }
  },
  "description": "Cisco Adaptive Security Appliance\u662f\u4e00\u6b3e\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\uff0c\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u3002\r\n\r\nCisco Adaptive Security Appliance\u5305\u542b\u7684Protocol Independent Multicast\u5e94\u7528\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53d1\u9001\u7279\u5236\u7684\u591a\u64ad\u62a5\u6587\uff0c\u7834\u574f\u591a\u64ad\u901a\u4fe1\u8f6c\u53d1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=38937",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-03402",
  "openTime": "2015-05-28",
  "patchDescription": "Cisco Adaptive Security Appliance\u662f\u4e00\u6b3e\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\uff0c\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u3002Cisco Adaptive Security Appliance\u5305\u542b\u7684Protocol Independent Multicast\u5e94\u7528\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53d1\u9001\u7279\u5236\u7684\u591a\u64ad\u62a5\u6587\uff0c\u7834\u574f\u591a\u64ad\u901a\u4fe1\u8f6c\u53d1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco ASA PIM\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.2(0.104)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.2(3.1)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.2(3.4)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.3(1.105)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.3(2.100)",
      "Cisco Adaptive Security Appliance (ASA) Software  9.4(0.115)",
      "Cisco Adaptive Security Appliance (ASA) Software  100.13(0.21)",
      "Cisco Adaptive Security Appliance (ASA) Software  100.13(20.3)",
      "Cisco Adaptive Security Appliance (ASA) Software  100.13(21.9)",
      "Cisco Adaptive Security Appliance (ASA) Software 100.14(1.1)"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38937",
  "serverity": "\u4e2d",
  "submitTime": "2015-05-26",
  "title": "Cisco ASA PIM\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2015-0742 (GCVE-0-2015-0742)

Vulnerability from cvelistv5 – Published: 2015-05-21 10:00 – Updated: 2024-08-06 04:17

Summary

The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/viewAlert.…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1032381	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/74750	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.853Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20150520 Cisco Adaptive Security Appliance Protocol Independent Multicast Registration Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38937"
          },
          {
            "name": "1032381",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032381"
          },
          {
            "name": "74750",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74750"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T15:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20150520 Cisco Adaptive Security Appliance Protocol Independent Multicast Registration Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38937"
        },
        {
          "name": "1032381",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032381"
        },
        {
          "name": "74750",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74750"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0742",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150520 Cisco Adaptive Security Appliance Protocol Independent Multicast Registration Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38937"
            },
            {
              "name": "1032381",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032381"
            },
            {
              "name": "74750",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74750"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0742",
    "datePublished": "2015-05-21T10:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.853Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-03402

CVE-2015-0742 (GCVE-0-2015-0742)

Tags

Sightings

Nomenclature