CVE-2007-2461
First published: Wed May 02 2007(Updated: )
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance Software | =7.2.2 | |
| Cisco PIX | =7.2 | |
| Cisco Adaptive Security Appliance Software | =7.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html
- http://www.kb.cert.org/vuls/id/530057
- http://www.securityfocus.com/bid/23763
- http://www.securitytracker.com/id?1017999
- http://www.securitytracker.com/id?1018000
- http://secunia.com/advisories/25109
- http://www.osvdb.org/35330
- http://www.vupen.com/english/advisories/2007/1635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34026
- collector/nvd-historical
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/7.2.2
- canonical/cisco pix
- version/cisco pix/7.2