FKIE_CVE-2012-4662

Vulnerability from fkie_nvd - Published: 2012-10-29 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524.
References
psirt@cisco.comhttp://osvdb.org/86147
psirt@cisco.comhttp://secunia.com/advisories/50857
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asaVendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
psirt@cisco.comhttp://www.securityfocus.com/bid/55862
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/79174
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/86147
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50857
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asaVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/55862
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/79174
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_software 8.3\(1\)
cisco adaptive_security_appliance_software 8.3\(2\)
cisco adaptive_security_appliance_software 8.4
cisco adaptive_security_appliance_software 8.4\(1\)
cisco adaptive_security_appliance_software 8.4\(1.11\)
cisco adaptive_security_appliance_software 8.4\(2\)
cisco adaptive_security_appliance_software 8.4\(2.11\)
cisco adaptive_security_appliance_software 8.5
cisco adaptive_security_appliance_software 8.5\(1\)
cisco adaptive_security_appliance_software 8.5\(1.4\)
cisco 5500_series_adaptive_security_appliance *
cisco 7600_router *
cisco catalyst_6500 *
cisco catalyst_6503-e -
cisco catalyst_6504-e -
cisco catalyst_6506-e -
cisco catalyst_6509-e -
cisco catalyst_6509-neb-a -
cisco catalyst_6509-v-e -
cisco catalyst_6513 -
cisco catalyst_6513-e -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a crafted DCERPC packet, aka Bug IDs CSCtr21376 and CSCtr27524."
    },
    {
      "lang": "es",
      "value": "El motor de inspecci\u00f3n DCERPC en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el M\u00f3dulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versi\u00f3n del software anterior a la v8.3(2.25), v8.4 antes de v8.4 (2,5) y v8.5 antes de v8.5(1.13) y el Firewall Services Module (FWSM) v4.1 antes de v4.1(7) en los switches Cisco Catalyst 6500 y los routers de la serie 7600, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete DCERPC modificado, tambi\u00e9n conocido como bug CSCtr21376 y CSCtr27524.\r\n\r\n\r\n"
    }
  ],
  "id": "CVE-2012-4662",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-10-29T20:55:01.307",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/86147"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/50857"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/55862"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/86147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79174"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.