CVE-2010-0151
First published: Fri Feb 19 2010(Updated: )
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Firewall Services Module Software | =4.0 | |
| Cisco Firewall Services Module Software | =4.0\(4\) | |
| Cisco Firewall Services Module Software | =4.0\(6\) | |
| Cisco Adaptive Security Appliance 5500 | ||
| Cisco Adaptive Security Appliance 5505 | ||
| Cisco Adaptive Security Appliance 5510 Firmware | ||
| Cisco Adaptive Security Appliance 5520 | ||
| Cisco Adaptive Security Appliance 5540 Firmware | ||
| Cisco Adaptive Security Appliance 5550 | ||
| Cisco 5580 series Adaptive Security Appliance | ||
| Cisco ASA 5500 CSC-SSM | ||
| Cisco Catalyst 6500-E | ||
| Cisco Catalyst 7600 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml
- http://www.securityfocus.com/bid/38274
- http://secunia.com/advisories/38621
- http://www.securitytracker.com/id?1023609
- http://www.vupen.com/english/advisories/2010/0418
- http://osvdb.org/62432
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56333
Frequently Asked Questions
What is the severity of CVE-2010-0151?
CVE-2010-0151 has a severity rating that indicates it is capable of causing a denial of service.
How do I fix CVE-2010-0151?
To mitigate CVE-2010-0151, upgrade the Cisco Firewall Services Module to a version that is not vulnerable, specifically to 4.0(8) or later.
What systems are affected by CVE-2010-0151?
CVE-2010-0151 affects Cisco Firewall Services Module versions prior to 4.0(8) running on specific Cisco hardware.
What type of attack does CVE-2010-0151 enable?
CVE-2010-0151 allows remote attackers to exploit a malformed SCCP message to crash the affected Cisco devices.
Is there a workaround for CVE-2010-0151?
There are no specific workarounds for CVE-2010-0151; updating to the recommended version is the main mitigation method.
- collector/nvd-historical
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco firewall services module software
- version/cisco firewall services module software/4.0
- version/cisco firewall services module software/4.0\(4\)
- version/cisco firewall services module software/4.0\(6\)
- canonical/cisco adaptive security appliance 5500
- canonical/cisco adaptive security appliance 5505
- canonical/cisco adaptive security appliance 5510 firmware
- canonical/cisco adaptive security appliance 5520
- canonical/cisco adaptive security appliance 5540 firmware
- canonical/cisco adaptive security appliance 5550
- canonical/cisco 5580 series adaptive security appliance
- canonical/cisco asa 5500 csc-ssm
- canonical/cisco catalyst 6500-e
- canonical/cisco catalyst 7600